CVE-2023-43551 – Improper Authentication in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-43551
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. Problema criptográfico al realizar la conexión con una red LTE, una estación base no autorizada puede omitir la fase de autenticación y enviar inmediatamente el comando del modo de seguridad. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-287: Improper Authentication •
CVE-2023-43545 – Integer Overflow or Wraparound in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43545
Memory corruption when more scan frequency list or channels are sent from the user space. Corrupción de la memoria cuando se envían más listas de frecuencias de escaneo o canales desde el espacio del usuario. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVE-2023-43542 – Buffer Copy Without Checking Size of Input in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-43542
Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked. Corrupción de la memoria al copiar el material de un keyblob cuando el tamaño del material de la clave no se verifica con precisión. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-43538 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-43538
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization. Corrupción de la memoria en TZ Secure OS durante la inicialización de Tunnel Invoke Manager. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-21477 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-21477
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. DOS transitorio mientras se analiza un cuadro de medición de tiempo fino (FTM) 802.11az protegido. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html • CWE-126: Buffer Over-read •