CVSS: 7.8EPSS: 0%CPEs: 686EXPL: 0CVE-2024-23368 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2024-23368
Memory corruption when allocating and accessing an entry in an SMEM partition. Corrupción de la memoria al asignar y acceder a una entrada en una partición SMEM. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 306EXPL: 0CVE-2023-43518 – Untrusted Pointer Dereference in Video
https://notcve.org/view.php?id=CVE-2023-43518
Memory corruption in video while parsing invalid mp2 clip. Corrupción de la memoria en el vídeo al analizar un clip mp2 no válido. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-43513 – Use of Out-of-range Pointer Offset in PCIe
https://notcve.org/view.php?id=CVE-2023-43513
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. Corrupción de la memoria al procesar el anillo de eventos, el puntero de lectura de contexto no es confiable para HLOS y cuando se pasa con valores arbitrarios, puede apuntar a la dirección en el medio del elemento del anillo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 464EXPL: 0CVE-2023-33120 – Use After Free in Audio
https://notcve.org/view.php?id=CVE-2023-33120
Memory corruption in Audio when memory map command is executed consecutively in ADSP. Corrupción de la memoria en audio cuando el comando de mapa de memoria se ejecuta consecutivamente en ADSP. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 272EXPL: 0CVE-2023-33118 – Use After Free in Automotive Audio
https://notcve.org/view.php?id=CVE-2023-33118
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. Corrupción de la memoria durante el procesamiento de búfer de paylaod del cliente Listen Sound Model cuando hay una solicitud para que la sesión Listen Sound obtenga el parámetro de ST HAL. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-416: Use After Free •