CVE-2023-28585 – Integer Overflow to Buffer Overflow in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28585
Memory corruption while loading an ELF segment in TEE Kernel. Corrupción de la memoria al cargar un segmento ELF en TEE Kernel. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVE-2023-28546 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28546
Memory Corruption in SPS Application while exporting public key in sorter TA. Corrupción de la memoria en la aplicación SPS al exportar la clave pública en el clasificador TA. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-33074 – Use After Free in Audio
https://notcve.org/view.php?id=CVE-2023-33074
Memory corruption in Audio when SSR event is triggered after music playback is stopped. Corrupción de la memoria en Audio cuando se activa el evento SSR después de detener la reproducción de música. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVE-2023-33059 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33059
Memory corruption in Audio while processing the VOC packet data from ADSP. Corrupción de la memoria en Audio mientras se procesan los datos del paquete VOC desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVE-2023-33055 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33055
Memory Corruption in Audio while invoking callback function in driver from ADSP. Corrupción de la memoria en Audio al invocar la función de devolución de llamada en el controlador desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •