NotCVE-2023-0001 – Secure Boot Bypass in MSM8916/APQ8016 Mobile SoC
https://notcve.org/view.php?id=NotCVE-2023-0001
A physical attacker may leverage improper protection against voltage glitching in Qualcomm’s Secure Boot implementation in chipsets MSM8916 and APQ8016 to execute arbitrary code in the device due to a badly secured hash value check. • https://cyberintel.es/cve/notCVE-2023-0001/ • CWE-1247: Improper Protection Against Voltage and Clock Glitches •
CVE-2024-38402 – Use After Free in DSP Services
https://notcve.org/view.php?id=CVE-2024-38402
Memory corruption while processing IOCTL call for getting group info. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-416: Use After Free •
CVE-2024-33060 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2024-33060
Memory corruption when two threads try to map and unmap a single node simultaneously. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-416: Use After Free •
CVE-2024-33057 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33057
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVE-2024-33054 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision
https://notcve.org/view.php?id=CVE-2024-33054
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •