CVE-2023-28538 – Stack-based Buffer Overflow in WIN Product
https://notcve.org/view.php?id=CVE-2023-28538
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Corrupción de la memoria en el producto WIN al invocar el controlador de actualización WinAcpi en la región UEFI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-21646 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2023-21646
Transient DOS in Modem while processing invalid System Information Block 1. Un ataque de denegación de servicios (DOS) transitorio en Modem cuando se procesa información inválida del sistema Block 1. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-617: Reachable Assertion •
CVE-2023-28537 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-28537
Memory corruption while allocating memory in COmxApeDec module in Audio. Corrupción de memoria al asignar memoria en el módulo COmxApeDec en Audio. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2023-22666 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-22666
Memory Corruption in Audio while playing amrwbplus clips with modified content. Corrupción de memoria en audio al reproducir clips amrwbplus con contenido modificado. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •