Information disclosure

Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header...

Information disclosure

Information disclosure in modem due to buffer over-read while processing packets from DNS server...

Memory corruption

Memory correction in modem due to buffer overwrite during coap connection...

Input validation

Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message...

Information disclosure

Information disclosure due to buffer over-read while parsing DNS response packets in Modem...

Design/Logic Flaw

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call...

Memory corruption

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card...

Null pointer dereference

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message...

Information disclosure

Information disclosure due to buffer over-read in modem while reading configuration parameters...

Memory corruption

memory corruption in modem due to improper check while calculating size of serialized CoAP message...

Information disclosure

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length...

The Bug Report - March 2023 Edition

The Bug Report – March 2023 Edition By Trellix · April 05, 2023 This story was also written by Kasimir Schulz. It really is bussin, though. Why am I here? Welcome back to the Bug Report, Ides of March edition! Last month was highlighted by glimpses into the past, with a historic attack technique...

Integer overflow

An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments...

CVE-2022-33298 Use after free in Modem

Memory corruption due to use after free in Modem while modem initialization...

CVE-2022-33298 Use after free in Modem

Memory corruption due to use after free in Modem while modem initialization...

CVE-2022-33298

CVE-2022-33298 corresponds to a memory corruption issue caused by a use-after-free in the Modem during modem initialization. Multiple connected sources reference a Modem-related vulnerability with memory corruption as the impact; however, the provided documents do not specify affected models, fir...

CVE-2022-33296 Integer overflow to buffer overflow in Modem

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message...

CVE-2022-33296 Integer overflow to buffer overflow in Modem

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message...

CVE-2022-33296

CVE-2022-33296 describes memory corruption due to an integer overflow that becomes a buffer overflow in the Modem when parsing a Traffic Channel Neighbor List Update message. This affects Qualcomm modem components and is documented across multiple sources (NVD, Red Hat, CVE lists). The root cause...

CVE-2022-33295 Buffer over-read in Modem

Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length...