CVE-2023-21642

Memory corruption in HAB Memory management due to broad system privileges via physical address.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:43

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 8.4
References () https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin - Vendor Advisory () https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin - Vendor Advisory

12 Apr 2024, 17:16

Type Values Removed Values Added
CWE CWE-284

Information

Published : 2023-05-02 06:15

Updated : 2024-11-21 07:43


NVD link : CVE-2023-21642

Mitre link : CVE-2023-21642

CVE.ORG link : CVE-2023-21642


JSON object : View

Products Affected

qualcomm

  • sa6155p
  • sa6150p_firmware
  • qca6574au_firmware
  • sa8195p_firmware
  • sa8150p_firmware
  • sa8540p
  • sa8295p_firmware
  • qam8295p_firmware
  • qam8295p
  • sa8155p_firmware
  • sa9000p
  • sa9000p_firmware
  • sa8155p
  • sa8540p_firmware
  • qca6574au
  • qca6696
  • sa8145p
  • sa6155p_firmware
  • sa8145p_firmware
  • sa6145p
  • sa8195p
  • qca6696_firmware
  • sa6145p_firmware
  • sa6150p
  • sa8295p
  • sa8150p
CWE
CWE-284

Improper Access Control

NVD-CWE-Other