CVE-2023-33119 – Time-of-check Time-of-use (TOCTOU) Race Condition in Hypervisor
https://notcve.org/view.php?id=CVE-2023-33119
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache. Daños en la memoria al cargar una máquina virtual desde una imagen de máquina virtual firmada que no es coherente en la memoria caché del procesador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2024-21468 – Use After Free in Kernel
https://notcve.org/view.php?id=CVE-2024-21468
Memory corruption when there is failed unmap operation in GPU. Corrupción de la memoria cuando falla la operación de desasignación en la GPU. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-416: Use After Free •
CVE-2023-33115 – Buffer Over-read in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-33115
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. Corrupción de la memoria durante el procesamiento de la inicialización del búfer, cuando se generan informes confiables para ciertos tipos de informes. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2023-33111 – Improper Validation of Array Index in Audio
https://notcve.org/view.php?id=CVE-2023-33111
Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. Divulgación de información cuando el estado de calibración del VI establecido por ADSP es mayor que MAX_FBSP_STATE en el payload de respuesta al comando de calibración AFE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVE-2023-33101 – Incorrect Type Conversion or Cast in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33101
Transient DOS while processing DL NAS TRANSPORT message with payload length 0. DOS transitorio mientras se procesa el mensaje DL NAS TRANSPORT con longitud de payload 0. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-704: Incorrect Type Conversion or Cast •