CVE-2023-33037 – Cryptographic Issues in Automotive
https://notcve.org/view.php?id=CVE-2023-33037
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Problema criptográfico en Automotive al desenvolver la clave secs2d y verificar con datos de RPMB. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-310: Cryptographic Issues CWE-311: Missing Encryption of Sensitive Data •
CVE-2023-33036 – NULL Pointer Dereference in Hypervisor
https://notcve.org/view.php?id=CVE-2023-33036
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. DOS permanente en Hypervisor mientras una máquina virtual que no es de confianza y sin soporte PSCI realiza una llamada de PSCI. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVE-2023-33030 – Buffer Copy without Checking Size of Input in HLOS
https://notcve.org/view.php?id=CVE-2023-33030
Memory corruption in HLOS while running playready use-case. Corrupción de la memoria en HLOS mientras se ejecuta el caso de uso de PlayReady. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-33014 – Improper Input Validation in Services
https://notcve.org/view.php?id=CVE-2023-33014
Information disclosure in Core services while processing a Diag command. Divulgación de información en servicios principales mientras se procesa un comando Diag. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-20: Improper Input Validation •
CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •