Lucene search

[email protected]NVD:CVE-2023-21640

HistoryJul 04, 2023 - 5:15 a.m.

CVE-2023-21640

2023-07-0405:15:10

CWE-120

CWE-787

[email protected]

web.nvd.nist.gov

linux

memory corruption

file upload api

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Memory corruption in Linux when the file upload API is called with parameters having large buffer.

Affected configurations

Nvd

Node

qualcommfastconnect_6900_firmwareMatch-

AND

qualcommfastconnect_6900Match-

Node

qualcommfastconnect_7800_firmwareMatch-

AND

qualcommfastconnect_7800Match-

Node

qualcommsnapdragon_8_gen_1_firmwareMatch-

AND

qualcommsnapdragon_8_gen_1Match-

Node

qualcommwcd9380_firmwareMatch-

AND

qualcommwcd9380Match-

Node

qualcommwsa8830_firmwareMatch-

AND

qualcommwsa8830Match-

Node

qualcommwsa8835_firmwareMatch-

AND

qualcommwsa8835Match-

VendorProductVersionCPE
qualcommfastconnect_6900_firmware-cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_6900-cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
qualcommfastconnect_7800_firmware-cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
qualcommfastconnect_7800-cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
qualcommsnapdragon_8_gen_1_firmware-cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*
qualcommsnapdragon_8_gen_1-cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*
qualcommwcd9380_firmware-cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
qualcommwcd9380-cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
qualcommwsa8830_firmware-cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
qualcommwsa8830-cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	fastconnect_6900_firmware	-	cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::*
qualcomm	fastconnect_6900	-	cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::*
qualcomm	fastconnect_7800_firmware	-	cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::*
qualcomm	fastconnect_7800	-	cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::*
qualcomm	snapdragon_8_gen_1_firmware	-	cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:::::::*
qualcomm	snapdragon_8_gen_1	-	cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:::::::*
qualcomm	wcd9380_firmware	-	cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::*
qualcomm	wcd9380	-	cpe:2.3:h:qualcomm:wcd9380:-:::::::*
qualcomm	wsa8830_firmware	-	cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::*
qualcomm	wsa8830	-	cpe:2.3:h:qualcomm:wsa8830:-:::::::*

Rows per page:

1-10 of 121

References

www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-21640

cvelist1 prion1 cve1