Lucene search

QualcommCVE-2023-33039

HistoryOct 03, 2023 - 6:15 a.m.

CVE-2023-33039

2023-10-0306:15:27

CWE-416

qualcomm

web.nvd.nist.gov

cve-2023-33039

memory corruption

automotive display

image handle

connected display driver

nvd

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

Percentile

9.0%

JSON

Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

Affected configurations

Nvd

Node

qualcommqam8295p_firmwareMatch-

AND

qualcommqam8295pMatch-

Node

qualcommqam8650p_firmwareMatch-

AND

qualcommqam8650pMatch-

Node

qualcommqamsrv1h_firmwareMatch-

AND

qualcommqamsrv1hMatch-

Node

qualcommqca6574a_firmwareMatch-

AND

qualcommqca6574aMatch-

Node

qualcommqca6574au_firmwareMatch-

AND

qualcommqca6574auMatch-

Node

qualcommqca6595au_firmwareMatch-

AND

qualcommqca6595auMatch-

Node

qualcommqca6696_firmwareMatch-

AND

qualcommqca6696Match-

Node

qualcommsa6145p_firmwareMatch-

AND

qualcommsa6145pMatch-

Node

qualcommsa6150p_firmwareMatch-

AND

qualcommsa6150pMatch-

Node

qualcommsa6155_firmwareMatch-

AND

qualcommsa6155Match-

Node

qualcommsa6155p_firmwareMatch-

AND

qualcommsa6155pMatch-

Node

qualcommsa8145p_firmwareMatch-

AND

qualcommsa8145pMatch-

Node

qualcommsa8150p_firmwareMatch-

AND

qualcommsa8150pMatch-

Node

qualcommsa8155_firmwareMatch-

AND

qualcommsa8155Match-

Node

qualcommsa8155p_firmwareMatch-

AND

qualcommsa8155pMatch-

Node

qualcommsa8195p_firmwareMatch-

AND

qualcommsa8195pMatch-

Node

qualcommsa8295p_firmwareMatch-

AND

qualcommsa8295pMatch-

Node

qualcommsa8540p_firmwareMatch-

AND

qualcommsa8540pMatch-

Node

qualcommsa8650p_firmwareMatch-

AND

qualcommsa8650pMatch-

Node

qualcommsa9000p_firmwareMatch-

AND

qualcommsa9000pMatch-

Node

qualcommsrv1h_firmwareMatch-

AND

qualcommsrv1hMatch-

VendorProductVersionCPE
qualcommqam8295p_firmware-cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*
qualcommqam8295p-cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*
qualcommqam8650p_firmware-cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*
qualcommqam8650p-cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*
qualcommqamsrv1h_firmware-cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*
qualcommqamsrv1h-cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*
qualcommqca6574a_firmware-cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
qualcommqca6574a-cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*
qualcommqca6574au_firmware-cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
qualcommqca6574au-cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	qam8295p_firmware	-	cpe:2.3:o:qualcomm:qam8295p_firmware:-:::::::*
qualcomm	qam8295p	-	cpe:2.3:h:qualcomm:qam8295p:-:::::::*
qualcomm	qam8650p_firmware	-	cpe:2.3:o:qualcomm:qam8650p_firmware:-:::::::*
qualcomm	qam8650p	-	cpe:2.3:h:qualcomm:qam8650p:-:::::::*
qualcomm	qamsrv1h_firmware	-	cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:::::::*
qualcomm	qamsrv1h	-	cpe:2.3:h:qualcomm:qamsrv1h:-:::::::*
qualcomm	qca6574a_firmware	-	cpe:2.3:o:qualcomm:qca6574a_firmware:-:::::::*
qualcomm	qca6574a	-	cpe:2.3:h:qualcomm:qca6574a:-:::::::*
qualcomm	qca6574au_firmware	-	cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::*
qualcomm	qca6574au	-	cpe:2.3:h:qualcomm:qca6574au:-:::::::*

Rows per page:

1-10 of 421

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "QAM8295P"
      },
      {
        "status": "affected",
        "version": "QAM8650P"
      },
      {
        "status": "affected",
        "version": "QAMSRV1H"
      },
      {
        "status": "affected",
        "version": "QCA6574A"
      },
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA6595AU"
      },
      {
        "status": "affected",
        "version": "QCA6696"
      },
      {
        "status": "affected",
        "version": "SA6145P"
      },
      {
        "status": "affected",
        "version": "SA6150P"
      },
      {
        "status": "affected",
        "version": "SA6155"
      },
      {
        "status": "affected",
        "version": "SA6155P"
      },
      {
        "status": "affected",
        "version": "SA8145P"
      },
      {
        "status": "affected",
        "version": "SA8150P"
      },
      {
        "status": "affected",
        "version": "SA8155"
      },
      {
        "status": "affected",
        "version": "SA8155P"
      },
      {
        "status": "affected",
        "version": "SA8195P"
      },
      {
        "status": "affected",
        "version": "SA8295P"
      },
      {
        "status": "affected",
        "version": "SA8540P"
      },
      {
        "status": "affected",
        "version": "SA8650P"
      },
      {
        "status": "affected",
        "version": "SA9000P"
      },
      {
        "status": "affected",
        "version": "SRV1H"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-33039