Qcx315 Firmware Security Vulnerabilities - February 2023

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.