CVSS: 7.5EPSS: 0%CPEs: 718EXPL: 0CVE-2023-43511 – Loop with Unreachable Exit Condition (Infinite Loop) in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. DOS transitorio mientras se analiza el encabezado de extensión IPv6 cuando el firmware WLAN recibe un paquete IPv6 que contiene "IPPROTO_NONE" como el siguiente encabezado. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 590EXPL: 0CVE-2023-28565 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28565
Memory corruption in WLAN HAL while handling command streams through WMI interfaces. Corrupción de memoria en WLAN HAL al manejar flujos de comandos a través de interfaces WMI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-28560 – Buffer Copy Without Checking Size of Input in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28560
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. Corrupción de memoria en WLAN HAL al procesar devIndex desde un payload WMI no fiable. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 566EXPL: 0CVE-2023-21628 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-21628
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 68EXPL: 0CVE-2016-10490
https://notcve.org/view.php?id=CVE-2016-10490
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, if a negative value is passed as argument "max" to qurt_qdi_state_local_new_handle_from_obj, an buffer overflow occurs, due to typecasting the signed integer to unsigned. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850 y SDX20, si se pasa un valor negativo como argumento "max" en qurt_qdi_state_local_new_handle_from_obj, ocurre un desbordamiento de búfer debido a que se cambia el entero de firmado a no firmado. • http://www.securityfocus.com/bid/103671 https://source.android.com/security/bulletin/2018-04-01 • CWE-189: Numeric Errors •