CVSS: 7.8EPSS: 0%CPEs: 686EXPL: 0CVE-2024-23368 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2024-23368
01 Jul 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition. Corrupción de la memoria al asignar y acceder a una entrada en una partición SMEM. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 622EXPL: 0CVE-2024-21462 – Buffer Over-read in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-21462
01 Jul 2024 — Transient DOS while loading the TA ELF file. DOS transitorio mientras se carga el archivo TA ELF. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 626EXPL: 0CVE-2024-21461 – Double Free in HLOS
https://notcve.org/view.php?id=CVE-2024-21461
01 Jul 2024 — Memory corruption while performing finish HMAC operation when context is freed by keymaster. Corrupción de la memoria al realizar la operación de finalización de HMAC cuando Keymaster libera el contexto. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 624EXPL: 0CVE-2023-43536 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43536
06 Feb 2024 — Transient DOS while parse fils IE with length equal to 1. DOS transitorio mientras analiza fils IE con una longitud igual a 1. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 482EXPL: 0CVE-2023-43533 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43533
06 Feb 2024 — Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. DOS transitorio en el firmware WLAN cuando la longitud de la baliza recibida es menor que la longitud de la frame de la baliza ieee802.11. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 578EXPL: 0CVE-2023-43522 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43522
06 Feb 2024 — Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. DOS transitorio durante el proceso de desencapsulación de claves, cuando la clave cifrada proporcionada está vacía o es NULL. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-43513 – Use of Out-of-range Pointer Offset in PCIe
https://notcve.org/view.php?id=CVE-2023-43513
06 Feb 2024 — Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. Corrupción de la memoria al procesar el anillo de eventos, el puntero de lectura de contexto no es confiable para HLOS y cuando se pasa con valores arbitrarios, puede apuntar a la dirección en el medio del elemento del anillo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.3EPSS: 0%CPEs: 496EXPL: 0CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
06 Feb 2024 — Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 718EXPL: 0CVE-2023-43511 – Loop with Unreachable Exit Condition (Infinite Loop) in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43511
02 Jan 2024 — Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. DOS transitorio mientras se analiza el encabezado de extensión IPv6 cuando el firmware WLAN recibe un paquete IPv6 que contiene "IPPROTO_NONE" como el siguiente encabezado. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 464EXPL: 0CVE-2023-33120 – Use After Free in Audio
https://notcve.org/view.php?id=CVE-2023-33120
02 Jan 2024 — Memory corruption in Audio when memory map command is executed consecutively in ADSP. Corrupción de la memoria en audio cuando el comando de mapa de memoria se ejecuta consecutivamente en ADSP. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-416: Use After Free •