Lucene search
HistoryJul 04, 2023 - 5:15 a.m.
CVE-2023-21639
cve-2023-21639
memory corruption
audio
sva_model_serializer
hidl client
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Affected configurations
Node
qualcommaqt1000Match-
qualcommaqt1000_firmwareMatch-
Node
qualcommfastconnect_6200_firmwareMatch-
qualcommfastconnect_6200Match-
Node
qualcommqca6420_firmwareMatch-
qualcommqca6420Match-
Node
qualcommqca6430_firmwareMatch-
qualcommqca6430Match-
Node
qualcommsa4150p_firmwareMatch-
qualcommsa4150pMatch-
Node
qualcommsa4155p_firmwareMatch-
qualcommsa4155pMatch-
Node
qualcommsa6155p_firmwareMatch-
qualcommsa6155pMatch-
Node
qualcommsa8155p_firmwareMatch-
qualcommsa8155pMatch-
Node
qualcommsa8195p_firmwareMatch-
qualcommsa8195pMatch-
Node
qualcommsd855_firmwareMatch-
qualcommsd855Match-
Node
qualcommsnapdragon_855_firmwareMatch-
qualcommsnapdragon_855Match-
Node
qualcommsnapdragon_855\+\/860_firmwareMatch-
qualcommsnapdragon_855\+\/860Match-
Node
qualcommsnapdragon_w5\+_gen_1_firmwareMatch-
qualcommsnapdragon_w5\+_gen_1Match-
Node
qualcommsw5100_firmwareMatch-
qualcommsw5100Match-
Node
qualcommsw5100p_firmwareMatch-
qualcommsw5100pMatch-
Node
qualcommwcd9341_firmwareMatch-
qualcommwcd9341Match-
Node
qualcommwcn3980_firmwareMatch-
qualcommwcn3980Match-
Node
qualcommwcn3988_firmwareMatch-
qualcommwcn3988Match-
Node
qualcommwsa8810_firmwareMatch-
qualcommwsa8810Match-
Node
qualcommwsa8815_firmwareMatch-
qualcommwsa8815Match-
Node
qualcommwsa8830_firmwareMatch-
qualcommwsa8830Match-
Node
qualcommwsa8835_firmwareMatch-
qualcommwsa8835Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| qualcomm:aqt1000_firmware | qualcomm aqt1000 firmware | eq | - |
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Mobile",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "SA4150P"
},
{
"status": "affected",
"version": "SA4155P"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "Snapdragon 855 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
},
{
"status": "affected",
"version": "Snapdragon W5+ Gen 1 Wearable Platform"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
]Related
prion
prion
Memory corruption
2023-07-04 05:15:00
cvelist
cvelist
CVE-2023-21639 Buffer Copy Without Checking the Size of Input in Audio
2023-07-04 04:46:35
nvd
nvd
CVE-2023-21639
2023-07-04 05:15:10
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for CVE-2023-21639