Lucene search

[email protected]CVE-2023-21655

HistorySep 05, 2023 - 7:15 a.m.

CVE-2023-21655

2023-09-0507:15:12

CWE-190

[email protected]

web.nvd.nist.gov

cve-2023-21655

memory corruption

audio

metadata

validation

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Memory corruption in Audio while validating and mapping metadata.

Affected configurations

NVD

Node

qualcommqca6391_firmwareMatch-

AND

qualcommqca6391Match-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca6696_firmwareMatch-

AND

qualcommqca6696Match-

Node

qualcommqcc5100_firmwareMatch-

AND

qualcommqcc5100Match-

Node

qualcommsa6145p_firmwareMatch-

AND

qualcommsa6145pMatch-

Node

qualcommsa6150p_firmwareMatch-

AND

qualcommsa6150pMatch-

Node

qualcommsa6155p_firmwareMatch-

AND

qualcommsa6155pMatch-

Node

qualcommsa8145p_firmwareMatch-

AND

qualcommsa8145pMatch-

Node

qualcommsa8150p_firmwareMatch-

AND

qualcommsa8150pMatch-

Node

qualcommsa8155p_firmwareMatch-

AND

qualcommsa8155pMatch-

Node

qualcommsa8195p_firmwareMatch-

AND

qualcommsa8195pMatch-

Node

qualcommsd_8_gen1_5g_firmwareMatch-

AND

qualcommsd_8_gen1_5gMatch-

Node

qualcommsd888_5g_firmwareMatch-

AND

qualcommsd888_5gMatch-

Node

qualcommsda429w_firmwareMatch-

AND

qualcommsda429wMatch-

Node

qualcommsw5100_firmwareMatch-

AND

qualcommsw5100Match-

Node

qualcommsw5100p_firmwareMatch-

AND

qualcommsw5100pMatch-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn3610_firmwareMatch-

AND

qualcommwcn3610Match-

Node

qualcommwcn3660b_firmwareMatch-

AND

qualcommwcn3660bMatch-

Node

qualcommwcn3680b_firmwareMatch-

AND

qualcommwcn3680bMatch-

Node

qualcommwcn3980_firmwareMatch-

AND

qualcommwcn3980Match-

Node

qualcommwcn3988_firmwareMatch-

AND

qualcommwcn3988Match-

Node

qualcommwcn6850_firmwareMatch-

AND

qualcommwcn6850Match-

Node

qualcommwcn6851_firmwareMatch-

AND

qualcommwcn6851Match-

Node

qualcommwcn6855_firmwareMatch-

AND

qualcommwcn6855Match-

Node

qualcommwcn6856_firmwareMatch-

AND

qualcommwcn6856Match-

Node

qualcommwcn7850_firmwareMatch-

AND

qualcommwcn7850Match-

Node

qualcommwcn7851_firmwareMatch-

AND

qualcommwcn7851Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:qca6391_firmwarequalcomm qca6391 firmwareeq-

CPE	Name	Operator	Version
qualcomm:qca6391_firmware	qualcomm qca6391 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Industrial IOT",
      "Snapdragon Mobile",
      "Snapdragon Wearables"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "QCA6391"
      },
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA6696"
      },
      {
        "status": "affected",
        "version": "QCC5100"
      },
      {
        "status": "affected",
        "version": "SA6145P"
      },
      {
        "status": "affected",
        "version": "SA6150P"
      },
      {
        "status": "affected",
        "version": "SA6155P"
      },
      {
        "status": "affected",
        "version": "SA8145P"
      },
      {
        "status": "affected",
        "version": "SA8150P"
      },
      {
        "status": "affected",
        "version": "SA8155P"
      },
      {
        "status": "affected",
        "version": "SA8195P"
      },
      {
        "status": "affected",
        "version": "SD 8 Gen1 5G"
      },
      {
        "status": "affected",
        "version": "SD888 5G"
      },
      {
        "status": "affected",
        "version": "SDA429W"
      },
      {
        "status": "affected",
        "version": "SW5100"
      },
      {
        "status": "affected",
        "version": "SW5100P"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WCN3610"
      },
      {
        "status": "affected",
        "version": "WCN3660B"
      },
      {
        "status": "affected",
        "version": "WCN3680B"
      },
      {
        "status": "affected",
        "version": "WCN3980"
      },
      {
        "status": "affected",
        "version": "WCN3988"
      },
      {
        "status": "affected",
        "version": "WCN6850"
      },
      {
        "status": "affected",
        "version": "WCN6851"
      },
      {
        "status": "affected",
        "version": "WCN6855"
      },
      {
        "status": "affected",
        "version": "WCN6856"
      },
      {
        "status": "affected",
        "version": "WCN7850"
      },
      {
        "status": "affected",
        "version": "WCN7851"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-21655

prion1 cvelist1 nvd1