CVE-2023-21650

EPSS 0.04%
Published 08.08.2023 10:15:13
Last modified 21.11.2024 07:43:17
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

Affected products Warnungen 0 Metrics 3 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Aqt1000 Firmware Version-

Qualcomm ≫ Aqt1000 Version-

Qualcomm ≫ Csrb31024 Firmware Version-

Qualcomm ≫ Csrb31024 Version-

Qualcomm ≫ Qam8295p Firmware Version-

Qualcomm ≫ Qam8295p Version-

Qualcomm ≫ Qca6390 Firmware Version-

Qualcomm ≫ Qca6390 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6420 Firmware Version-

Qualcomm ≫ Qca6420 Version-

Qualcomm ≫ Qca6426 Firmware Version-

Qualcomm ≫ Qca6426 Version-

Qualcomm ≫ Qca6430 Firmware Version-

Qualcomm ≫ Qca6430 Version-

Qualcomm ≫ Qca6436 Firmware Version-

Qualcomm ≫ Qca6436 Version-

Qualcomm ≫ Qca6564 Firmware Version-

Qualcomm ≫ Qca6564 Version-

Qualcomm ≫ Qca6564au Firmware Version-

Qualcomm ≫ Qca6564au Version-

Qualcomm ≫ Qca6574a Firmware Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6595au Firmware Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca6696 Firmware Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qcc5100 Firmware Version-

Qualcomm ≫ Qcc5100 Version-

Qualcomm ≫ Qcs410 Firmware Version-

Qualcomm ≫ Qcs410 Version-

Qualcomm ≫ Qcs610 Firmware Version-

Qualcomm ≫ Qcs610 Version-

Qualcomm ≫ Sa415m Firmware Version-

Qualcomm ≫ Sa415m Version-

Qualcomm ≫ Sa6145p Firmware Version-

Qualcomm ≫ Sa6145p Version-

Qualcomm ≫ Sa6150p Firmware Version-

Qualcomm ≫ Sa6150p Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8145p Firmware Version-

Qualcomm ≫ Sa8145p Version-

Qualcomm ≫ Sa8150p Firmware Version-

Qualcomm ≫ Sa8150p Version-

Qualcomm ≫ Sa8155p Firmware Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa8195p Firmware Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sa8295p Firmware Version-

Qualcomm ≫ Sa8295p Version-

Qualcomm ≫ Sd855 Firmware Version-

Qualcomm ≫ Sd855 Version-

Qualcomm ≫ Sd865 5g Firmware Version-

Qualcomm ≫ Sd865 5g Version-

Qualcomm ≫ Sd870 Firmware Version-

Qualcomm ≫ Sd870 Version-

Qualcomm ≫ Sda429w Firmware Version-

Qualcomm ≫ Sda429w Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sdxr2 5g Firmware Version-

Qualcomm ≫ Sdxr2 5g Version-

Qualcomm ≫ Sw5100 Firmware Version-

Qualcomm ≫ Sw5100 Version-

Qualcomm ≫ Sw5100p Firmware Version-

Qualcomm ≫ Sw5100p Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcn3610 Firmware Version-

Qualcomm ≫ Wcn3610 Version-

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn3680b Firmware Version-

Qualcomm ≫ Wcn3680b Version-

Qualcomm ≫ Wcn3950 Firmware Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcn3980 Firmware Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Firmware Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn3998 Firmware Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wcn6850 Firmware Version-

Qualcomm ≫ Wcn6850 Version-

Qualcomm ≫ Wcn6851 Firmware Version-

Qualcomm ≫ Wcn6851 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.069

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-21650

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-21650

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-21650

EUVD