Lucene search
QualcommVULNRICHMENT:CVE-2023-33077HistoryFeb 06, 2024 - 5:47 a.m.
CVE-2023-33077 Buffer Copy Without Checking Size of Input in HLOS
2024-02-0605:47:14
CWE-120
qualcomm
github.com
cve-2023-33077
memory corruption
authorization token
hidl vector
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Memory corruption in HLOS while converting from authorization token to HIDL vector.
ADP Affected
[
{
"cpes": [
"cpe:2.3:h:qualcomm:snapdragon:-:*:*:*:*:*:*:*"
],
"vendor": "qualcomm",
"product": "snapdragon",
"versions": [
{
"status": "affected",
"version": "aqt1000"
},
{
"status": "affected",
"version": "ar8035"
},
{
"status": "affected",
"version": "c-v2x-9150"
},
{
"status": "affected",
"version": "fastconnect_6200"
},
{
"status": "affected",
"version": "fastconnect_6800"
},
{
"status": "affected",
"version": "fastconnect_6900"
},
{
"status": "affected",
"version": "fastconnect7800"
},
{
"status": "affected",
"version": "qam8295p"
},
{
"status": "affected",
"version": "qam8650p"
},
{
"status": "affected",
"version": "qam8775p"
},
{
"status": "affected",
"version": "qamsrv1h"
},
{
"status": "affected",
"version": "qamsrv1m"
},
{
"status": "affected",
"version": "qca6310"
},
{
"status": "affected",
"version": "qca6320"
},
{
"status": "affected",
"version": "qca6391"
},
{
"status": "affected",
"version": "qca6420"
},
{
"status": "affected",
"version": "qca6426"
},
{
"status": "affected",
"version": "qca6430"
},
{
"status": "affected",
"version": "qca6436"
},
{
"status": "affected",
"version": "qca6574au"
},
{
"status": "affected",
"version": "qca6584au"
},
{
"status": "affected",
"version": "qca6696"
},
{
"status": "affected",
"version": "qca6698aq"
},
{
"status": "affected",
"version": "qca8081"
},
{
"status": "affected",
"version": "qca8337"
},
{
"status": "affected",
"version": "qcc710"
},
{
"status": "affected",
"version": "qcn6224"
},
{
"status": "affected",
"version": "qcn6274"
},
{
"status": "affected",
"version": "qcn9074"
},
{
"status": "affected",
"version": "qcs410"
},
{
"status": "affected",
"version": "qcs610"
},
{
"status": "affected",
"version": "qcs8155"
},
{
"status": "affected",
"version": "qfw7114"
},
{
"status": "affected",
"version": "qfw7124"
},
{
"status": "affected",
"version": "qualcomm_video_collaboration_vc3_platform"
},
{
"status": "affected",
"version": "qualcommm_video_collaboration_vc3_platform"
},
{
"status": "affected",
"version": "sa4150p"
},
{
"status": "affected",
"version": "sa4155p"
},
{
"status": "affected",
"version": "sa6145p"
},
{
"status": "affected",
"version": "sa6150p"
},
{
"status": "affected",
"version": "sa6155p"
},
{
"status": "affected",
"version": "sa8145p"
},
{
"status": "affected",
"version": "sa8150p"
},
{
"status": "affected",
"version": "sa8155p"
},
{
"status": "affected",
"version": "sa8195p"
},
{
"status": "affected",
"version": "sa8255p"
},
{
"status": "affected",
"version": "sa8295p"
},
{
"status": "affected",
"version": "sa8650p"
},
{
"status": "affected",
"version": "sa8770p"
},
{
"status": "affected",
"version": "sa8775p"
},
{
"status": "affected",
"version": "sa9000p"
},
{
"status": "affected",
"version": "sd670"
},
{
"status": "affected",
"version": "sd835"
},
{
"status": "affected",
"version": "sd855"
},
{
"status": "affected",
"version": "sd865_5g"
},
{
"status": "affected",
"version": "sdx55"
},
{
"status": "affected",
"version": "snapdragon_670_mobile_platform"
},
{
"status": "affected",
"version": "snapdragon_710_mobile_platform"
},
{
"status": "affected",
"version": "snapdragon_8_gen_1_mobile_platform"
},
{
"status": "affected",
"version": "snapdragon_835_mobile_platform"
},
{
"status": "affected",
"version": "snapdragon_855_mobile_platform"
},
{
"status": "affected",
"version": "snapdragon_855_plus_5g_mobile_platform\\/sm8250-ac\\/"
},
{
"status": "affected",
"version": "snapdragon_870_5g_moden-rf_gen_2"
},
{
"status": "affected",
"version": "snapdragon_auto_5g_moden-rf_gen_2"
},
{
"status": "affected",
"version": "snapdragon_w5_plus_gen_1_wearable_platform"
},
{
"status": "affected",
"version": "snapdragon_wear_4100_plus_platform"
},
{
"status": "affected",
"version": "snapdragon_x55_5g_moden-rf_system"
},
{
"status": "affected",
"version": "snapdragon_x75_5g__modem-rf_system"
},
{
"status": "affected",
"version": "snapdragon_xr1_platform"
},
{
"status": "affected",
"version": "snapdragon_xr2_5g_platform"
},
{
"status": "affected",
"version": "srv1h"
},
{
"status": "affected",
"version": "srv1m"
},
{
"status": "affected",
"version": "sw5100"
},
{
"status": "affected",
"version": "sw5100p"
},
{
"status": "affected",
"version": "sxr1120"
},
{
"status": "affected",
"version": "sxr2130"
},
{
"status": "affected",
"version": "wxd9326"
},
{
"status": "affected",
"version": "wcd9335"
},
{
"status": "affected",
"version": "wcd9340"
},
{
"status": "affected",
"version": "wcd9341"
},
{
"status": "affected",
"version": "wcd9370"
},
{
"status": "affected",
"version": "wcd9380"
},
{
"status": "affected",
"version": "wcn3610"
},
{
"status": "affected",
"version": "wcn3660b"
},
{
"status": "affected",
"version": "wcn3680b"
},
{
"status": "affected",
"version": "wcn3950"
},
{
"status": "affected",
"version": "wcn3980"
},
{
"status": "affected",
"version": "wcn3988"
},
{
"status": "affected",
"version": "wcn3990"
},
{
"status": "affected",
"version": "wsa8810"
},
{
"status": "affected",
"version": "wsa8815"
},
{
"status": "affected",
"version": "wsa8830"
},
{
"status": "affected",
"version": "wsa8835"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2023-33077
2024-02-06 06:16:00
cve
cve
CVE-2023-33077
2024-02-06 06:16:00
prion
prion
Memory corruption
2024-02-06 06:16:00
cvelist
cvelist
CVE-2023-33077 Buffer Copy Without Checking Size of Input in HLOS
2024-02-06 05:47:14
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-33077