Lucene search

[email protected]CVE-2023-21671

HistoryNov 07, 2023 - 6:15 a.m.

CVE-2023-21671

2023-11-0706:15:08

CWE-20

[email protected]

web.nvd.nist.gov

cve-2023-21671

memory corruption

core

syscall

sectools

fuse comparison

nvd

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Memory Corruption in Core during syscall for Sectools Fuse comparison feature.

Affected configurations

NVD

Node

qualcommfastconnect_6700_firmwareMatch-

AND

qualcommfastconnect_6700Match-

Node

qualcommfastconnect_6900_firmwareMatch-

AND

qualcommfastconnect_6900Match-

Node

qualcommqca6391_firmwareMatch-

AND

qualcommqca6391Match-

Node

qualcommqcm6490_firmwareMatch-

AND

qualcommqcm6490Match-

Node

qualcommqcs6490_firmwareMatch-

AND

qualcommqcs6490Match-

Node

qualcommqsm8350_firmwareMatch-

AND

qualcommqsm8350Match-

Node

qualcommqualcomm_video_collaboration_vc3_platform_firmwareMatch-

AND

qualcommqualcomm_video_collaboration_vc3_platformMatch-

Node

qualcommsd888_firmwareMatch-

AND

qualcommsd888Match-

Node

qualcommsm7315_firmwareMatch-

AND

qualcommsm7315Match-

Node

qualcommsm7325p_firmwareMatch-

AND

qualcommsm7325pMatch-

Node

qualcommsnapdragon_778g_5g_mobile_platform_firmwareMatch-

AND

qualcommsnapdragon_778g_5g_mobile_platformMatch-

Node

qualcommsnapdragon_778g\+_5g_mobile_platform_firmwareMatch-

AND

qualcommsnapdragon_778g\+_5g_mobile_platformMatch-

Node

qualcommsnapdragon_780g_5g_mobile_platform_firmwareMatch-

AND

qualcommsnapdragon_780g_5g_mobile_platformMatch-

Node

qualcommsnapdragon_782g_mobile_platform_firmwareMatch-

AND

qualcommsnapdragon_782g_mobile_platformMatch-

Node

qualcommsnapdragon_7c\+_gen_3_compute_firmwareMatch-

AND

qualcommsnapdragon_7c\+_gen_3_computeMatch-

Node

qualcommsnapdragon_888_5g_mobile_platform_firmwareMatch-

AND

qualcommsnapdragon_888_5g_mobile_platformMatch-

Node

qualcommsnapdragon_888\+_5g_mobile_platform__firmwareMatch-

AND

qualcommsnapdragon_888\+_5g_mobile_platform_Match-

Node

qualcommwcd9370_firmwareMatch-

AND

qualcommwcd9370Match-

Node

qualcommwcd9375_firmwareMatch-

AND

qualcommwcd9375Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwcn6740_firmwareMatch-

AND

qualcommwcn6740Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

CPENameOperatorVersion
qualcomm:fastconnect_6700_firmwarequalcomm fastconnect 6700 firmwareeq-

CPE	Name	Operator	Version
qualcomm:fastconnect_6700_firmware	qualcomm fastconnect 6700 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Compute",
      "Snapdragon Industrial IOT",
      "Snapdragon Mobile"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "FastConnect 6700"
      },
      {
        "status": "affected",
        "version": "FastConnect 6900"
      },
      {
        "status": "affected",
        "version": "QCA6391"
      },
      {
        "status": "affected",
        "version": "QCM6490"
      },
      {
        "status": "affected",
        "version": "QCS6490"
      },
      {
        "status": "affected",
        "version": "QSM8350"
      },
      {
        "status": "affected",
        "version": "Qualcomm Video Collaboration VC3 Platform"
      },
      {
        "status": "affected",
        "version": "SD888"
      },
      {
        "status": "affected",
        "version": "SM7315"
      },
      {
        "status": "affected",
        "version": "SM7325P"
      },
      {
        "status": "affected",
        "version": "Snapdragon 778G 5G Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)"
      },
      {
        "status": "affected",
        "version": "Snapdragon 780G 5G Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 782G Mobile Platform (SM7325-AF)"
      },
      {
        "status": "affected",
        "version": "Snapdragon 7c+ Gen 3 Compute"
      },
      {
        "status": "affected",
        "version": "Snapdragon 888 5G Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
      },
      {
        "status": "affected",
        "version": "WCD9370"
      },
      {
        "status": "affected",
        "version": "WCD9375"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WCN6740"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin

Social References

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2023-21671

prion1 cvelist1 nvd1