Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveQualcommCVE-2023-21640
HistoryJul 04, 2023 - 5:15 a.m.

CVE-2023-21640

2023-07-0405:15:10
CWE-787
CWE-120
qualcomm
web.nvd.nist.gov
32
cve-2023-21640
linux
memory corruption
file upload
api
nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

9.0%

JSON

Memory corruption in Linux when the file upload API is called with parameters having large buffer.

Affected configurations

Nvd
Node
qualcommfastconnect_6900_firmwareMatch-
AND
qualcommfastconnect_6900Match-
Node
qualcommfastconnect_7800_firmwareMatch-
AND
qualcommfastconnect_7800Match-
Node
qualcommsnapdragon_8_gen_1_firmwareMatch-
AND
qualcommsnapdragon_8_gen_1Match-
Node
qualcommwcd9380_firmwareMatch-
AND
qualcommwcd9380Match-
Node
qualcommwsa8830_firmwareMatch-
AND
qualcommwsa8830Match-
Node
qualcommwsa8835_firmwareMatch-
AND
qualcommwsa8835Match-
VendorProductVersionCPE
qualcommfastconnect_6900_firmware-cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_6900-cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
qualcommfastconnect_7800_firmware-cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_7800-cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
qualcommsnapdragon_8_gen_1_firmware-cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*
qualcommsnapdragon_8_gen_1-cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*
qualcommwcd9380_firmware-cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
qualcommwcd9380-cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
qualcommwsa8830_firmware-cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
qualcommwsa8830-cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 121

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Mobile"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "FastConnect 6900"
      },
      {
        "status": "affected",
        "version": "FastConnect 7800"
      },
      {
        "status": "affected",
        "version": "Snapdragon 8 Gen 1 Mobile Platform"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      }
    ]
  }
]

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2023-21640 Buffer Copy Without Checking Size of Input in Linux
2023-07-04 04:46:36
nvd
nvd
CVE-2023-21640
2023-07-04 05:15:10
prion
prion
Memory corruption
2023-07-04 05:15:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for CVE-2023-21640
cvelist1nvd1prion1