[SECURITY] Fedora 38 Update: ppp-2.4.9-10.fc38

The ppp package contains the PPP Point-to-Point Protocol daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP Internet Service Provider or other organization over a modem...

PT-2024-12605 · Google +1 · Tensor +1

Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided, but affected chipsets include Tensor Pixel and Exynos basebands. Description: The issue is related to the incorrect handling of malformed NAS messages, which can cause a modem crash. Th...

CVE-2023-33040

Transient DOS in Data Modem during DTLS handshake...

CVE-2023-33025

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call...

Hardcoded credentials

Transient DOS in Data Modem during DTLS handshake...

Memory corruption

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call...

CVE-2023-33040 Buffer Over-read in Data Modem

Transient DOS in Data Modem during DTLS handshake...

CVE-2023-33040 Buffer Over-read in Data Modem

Transient DOS in Data Modem during DTLS handshake...

CVE-2023-33040

CVE-2023-33040 affects Qualcomm closed‑source Data Modem components and is described as a Transient DoS during the DTLS handshake. The provided documents do not explicitly detail the affected product versions, root cause, vulnerable functions, or a vendor patch version. Public exploit information...

CVE-2023-33025 Buffer Copy without Checking Size of Input in Data Modem

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call...

CVE-2023-33025

CVE-2023-33025 is a memory corruption issue in the Qualcomm Data Modem that occurs when a non-standard SDP body is received during a VOLTE call. The vulnerability affects Qualcomm closed-source Data Modem components and is described as a high-severity fault with potential impact to confidentialit...

CVE-2023-33025 Buffer Copy without Checking Size of Input in Data Modem

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call...

CVE-2023-32886

In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807...

CVE-2023-32887

In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 MSV-892...

CVE-2023-32888

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 MSV-894...

CVE-2023-32889

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 MSV-895...

CVE-2023-32890

In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 MSV-963...

CVE-2023-32889

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 MSV-895...

CVE-2023-32874

In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 MSV-893...

Out-of-bounds

In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 MSV-892...