Lucene search

K
cvelistQualcommCVELIST:CVE-2023-43525
HistoryMay 06, 2024 - 2:32 p.m.

CVE-2023-43525 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

2024-05-0614:32:04
CWE-120
qualcomm
www.cve.org
cve-2023-43525
memory corruption
sound model

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.0%

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Mobile"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "AR8035"
      },
      {
        "status": "affected",
        "version": "FastConnect 7800"
      },
      {
        "status": "affected",
        "version": "QAM8255P"
      },
      {
        "status": "affected",
        "version": "QAM8295P"
      },
      {
        "status": "affected",
        "version": "QAM8650P"
      },
      {
        "status": "affected",
        "version": "QAM8775P"
      },
      {
        "status": "affected",
        "version": "QAMSRV1H"
      },
      {
        "status": "affected",
        "version": "QAMSRV1M"
      },
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA6584AU"
      },
      {
        "status": "affected",
        "version": "QCA6696"
      },
      {
        "status": "affected",
        "version": "QCA6698AQ"
      },
      {
        "status": "affected",
        "version": "QCA8081"
      },
      {
        "status": "affected",
        "version": "QCA8337"
      },
      {
        "status": "affected",
        "version": "QCC710"
      },
      {
        "status": "affected",
        "version": "QCN6224"
      },
      {
        "status": "affected",
        "version": "QCN6274"
      },
      {
        "status": "affected",
        "version": "QFW7114"
      },
      {
        "status": "affected",
        "version": "QFW7124"
      },
      {
        "status": "affected",
        "version": "SA6145P"
      },
      {
        "status": "affected",
        "version": "SA6150P"
      },
      {
        "status": "affected",
        "version": "SA6155P"
      },
      {
        "status": "affected",
        "version": "SA7255P"
      },
      {
        "status": "affected",
        "version": "SA8145P"
      },
      {
        "status": "affected",
        "version": "SA8150P"
      },
      {
        "status": "affected",
        "version": "SA8155P"
      },
      {
        "status": "affected",
        "version": "SA8195P"
      },
      {
        "status": "affected",
        "version": "SA8255P"
      },
      {
        "status": "affected",
        "version": "SA8295P"
      },
      {
        "status": "affected",
        "version": "SA8620P"
      },
      {
        "status": "affected",
        "version": "SA8650P"
      },
      {
        "status": "affected",
        "version": "SA8770P"
      },
      {
        "status": "affected",
        "version": "SA8775P"
      },
      {
        "status": "affected",
        "version": "SA9000P"
      },
      {
        "status": "affected",
        "version": "Snapdragon Auto 5G Modem-RF Gen 2"
      },
      {
        "status": "affected",
        "version": "Snapdragon X72 5G Modem-RF System"
      },
      {
        "status": "affected",
        "version": "Snapdragon X75 5G Modem-RF System"
      },
      {
        "status": "affected",
        "version": "SRV1H"
      },
      {
        "status": "affected",
        "version": "SRV1M"
      },
      {
        "status": "affected",
        "version": "WCD9340"
      }
    ]
  }
]

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.0%

Related for CVELIST:CVE-2023-43525