CVSS: 7.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-28557 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28557
05 Sep 2023 — Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Corrupción de memoria en WLAN HAL al procesar parámetros de comando de un payload WMI que no es de confianza. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 456EXPL: 0CVE-2023-28549 – Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28549
05 Sep 2023 — Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Corrupción de memoria en WLAN HAL al analizar el búfer Rx en el procesamiento del payload TLV. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 372EXPL: 0CVE-2023-28548 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28548
05 Sep 2023 — Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Corrupción de memoria en WLAN HAL al procesar comandos Tx/Rx desde QDART. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 418EXPL: 0CVE-2023-28544 – Buffer Copy without Checking the Size of Input in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-28544
05 Sep 2023 — Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers. Corrupción de memoria en WLAN al enviar comandos de transmisión desde HLOS a controladores UTF. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 86EXPL: 0CVE-2023-21667 – Buffer Over-read in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-21667
05 Sep 2023 — Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. Vulnerabilidad de denegación de servicios (DoS) transitorio en Bluetooth HOST al pasar el descriptor para validar el teclado BT de la lista negra. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 274EXPL: 0CVE-2023-21664 – Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform
https://notcve.org/view.php?id=CVE-2023-21664
05 Sep 2023 — Memory Corruption in Core Platform while printing the response buffer in log. Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 272EXPL: 0CVE-2023-21662 – Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform
https://notcve.org/view.php?id=CVE-2023-21662
05 Sep 2023 — Memory corruption in Core Platform while printing the response buffer in log. Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 112EXPL: 0CVE-2023-21654 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Audio
https://notcve.org/view.php?id=CVE-2023-21654
05 Sep 2023 — Memory corruption in Audio during playback session with audio effects enabled. Corrupción de la memoria en audio durante la sesión de reproducción con efectos de audio habilitados. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 518EXPL: 0CVE-2022-33275 – Improper validation of array index in WLAN HAL
https://notcve.org/view.php?id=CVE-2022-33275
05 Sep 2023 — Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe "lm_itemNum" estando fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2023-28577 – Multiple Dmabuf Kernel Address UAF Vulnerability
https://notcve.org/view.php?id=CVE-2023-28577
08 Aug 2023 — In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel address. En la llamada a la función CAM_REQ_MGR_RELEASE_BUF no se comprueba si el buffer está siendo utilizado. Así que cuando una función llama a cam_mem_get_cpu_buf para obtener la va del kernel a utilizar, otro hilo puede llamar a... • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-416: Use After Free •