Lucene search

[email protected]CVE-2023-43535

HistoryFeb 06, 2024 - 6:16 a.m.

CVE-2023-43535

2024-02-0606:16:03

CWE-129

[email protected]

web.nvd.nist.gov

cve-2023-43535

memory corruption

negative display ids

displayescape event

nvd

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger.

Affected configurations

NVD

Node

qualcommfastconnect_6700_firmwareMatch-

AND

qualcommfastconnect_6700Match-

Node

qualcommfastconnect_6900_firmwareMatch-

AND

qualcommfastconnect_6900Match-

Node

qualcommfastconnect_7800_firmwareMatch-

AND

qualcommfastconnect_7800Match-

Node

qualcommsc8380xp_firmwareMatch-

AND

qualcommsc8380xpMatch-

Node

qualcommsnapdragon_7c\+_gen_3_compute_firmwareMatch-

AND

qualcommsnapdragon_7c\+_gen_3_computeMatch-

Node

qualcommsnapdragon_8cx_gen_3_compute_platform_firmwareMatch-

AND

qualcommsnapdragon_8cx_gen_3_compute_platformMatch-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwcd9385_firmwareMatch-

AND

qualcommwcd9385Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

Node

qualcommwsa8840_firmwareMatch-

AND

qualcommwsa8840Match-

Node

qualcommwsa8845_firmwareMatch-

AND

qualcommwsa8845Match-

Node

qualcommwsa8845h_firmwareMatch-

AND

qualcommwsa8845hMatch-

CPENameOperatorVersion
qualcomm:fastconnect_6700_firmwarequalcomm fastconnect 6700 firmwareeq-

CPE	Name	Operator	Version
qualcomm:fastconnect_6700_firmware	qualcomm fastconnect 6700 firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Compute"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "FastConnect 6700"
      },
      {
        "status": "affected",
        "version": "FastConnect 6900"
      },
      {
        "status": "affected",
        "version": "FastConnect 7800"
      },
      {
        "status": "affected",
        "version": "SC8380XP"
      },
      {
        "status": "affected",
        "version": "Snapdragon 7c+ Gen 3 Compute"
      },
      {
        "status": "affected",
        "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
      },
      {
        "status": "affected",
        "version": "WCD9380"
      },
      {
        "status": "affected",
        "version": "WCD9385"
      },
      {
        "status": "affected",
        "version": "WSA8830"
      },
      {
        "status": "affected",
        "version": "WSA8835"
      },
      {
        "status": "affected",
        "version": "WSA8840"
      },
      {
        "status": "affected",
        "version": "WSA8845"
      },
      {
        "status": "affected",
        "version": "WSA8845H"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2023-43535

prion1 nvd1 cvelist1