CVE-2023-21671

Memory Corruption in Core during syscall for Sectools Fuse comparison feature.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qsm8350_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qsm8350:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc3_platform:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd888:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:sm7315_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7315:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sm7325p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7325p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_778g_5g_mobile_platform:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_778g\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_778g\+_5g_mobile_platform:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_780g_5g_mobile_platform:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_782g_mobile_platform:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_7c\+_gen_3_compute:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_888\+_5g_mobile_platform__firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_888\+_5g_mobile_platform_:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

12 Apr 2024, 17:16

Type	Values Removed	Values Added
CWE		CWE-20

14 Nov 2023, 18:26

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CPE		cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6740_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7315_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_782g_mobile_platform:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:h:qualcomm:sm7315:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:h:qualcomm:snapdragon_888\+_5g_mobile_platform_:-:::::::* cpe:2.3:h:qualcomm:wcn6740:-:::::::* cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_7c\+_gen_3_compute_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_780g_5g_mobile_platform:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:o:qualcomm:qsm8350_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_780g_5g_mobile_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc3_platform:-:::::::* cpe:2.3:h:qualcomm:qcs6490:-:::::::* cpe:2.3:o:qualcomm:snapdragon_778g_5g_mobile_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_778g\+_5g_mobile_platform_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:::::::* cpe:2.3:o:qualcomm:qcm6490_firmware:-:::::::* cpe:2.3:h:qualcomm:qcm6490:-:::::::* cpe:2.3:h:qualcomm:sd888:-:::::::* cpe:2.3:h:qualcomm:fastconnect_6700:-:::::::* cpe:2.3:h:qualcomm:qca6391:-:::::::* cpe:2.3:o:qualcomm:snapdragon_888\+_5g_mobile_platform__firmware:-:::::::* cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::* cpe:2.3:h:qualcomm:sm7325p:-:::::::* cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9375:-:::::::* cpe:2.3:h:qualcomm:snapdragon_778g_5g_mobile_platform:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:snapdragon_7c\+_gen_3_compute:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7325p_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_782g_mobile_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:sd888_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs6490_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_778g\+_5g_mobile_platform:-:::::::* cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:::::::* cpe:2.3:h:qualcomm:qsm8350:-:::::::*
References	~~() https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin -~~	() https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin - Vendor Advisory
First Time		Qualcomm qualcomm Video Collaboration Vc3 Platform Qualcomm qualcomm Video Collaboration Vc3 Platform Firmware Qualcomm wsa8835 Qualcomm qcs6490 Firmware Qualcomm qcm6490 Qualcomm qsm8350 Qualcomm wcd9370 Firmware Qualcomm snapdragon 782g Mobile Platform Qualcomm sm7315 Firmware Qualcomm qca6391 Qualcomm snapdragon 778g 5g Mobile Platform Qualcomm fastconnect 6900 Firmware Qualcomm wcd9370 Qualcomm snapdragon 780g 5g Mobile Platform Qualcomm sd888 Firmware Qualcomm snapdragon 7c\+ Gen 3 Compute Firmware Qualcomm snapdragon 780g 5g Mobile Platform Firmware Qualcomm qca6391 Firmware Qualcomm wsa8835 Firmware Qualcomm wcd9380 Qualcomm qcs6490 Qualcomm snapdragon 888 5g Mobile Platform Firmware Qualcomm wcn6740 Firmware Qualcomm wcd9380 Firmware Qualcomm Qualcomm wcd9375 Qualcomm wcd9385 Qualcomm fastconnect 6700 Firmware Qualcomm snapdragon 888\+ 5g Mobile Platform Qualcomm qsm8350 Firmware Qualcomm snapdragon 888\+ 5g Mobile Platform Firmware Qualcomm wcd9385 Firmware Qualcomm wcd9375 Firmware Qualcomm fastconnect 6900 Qualcomm snapdragon 888 5g Mobile Platform Qualcomm snapdragon 778g 5g Mobile Platform Firmware Qualcomm fastconnect 6700 Qualcomm sm7325p Firmware Qualcomm qcm6490 Firmware Qualcomm snapdragon 7c\+ Gen 3 Compute Qualcomm snapdragon 782g Mobile Platform Firmware Qualcomm sm7325p Qualcomm wsa8830 Firmware Qualcomm snapdragon 778g\+ 5g Mobile Platform Qualcomm wcn6740 Qualcomm sm7315 Qualcomm sd888 Qualcomm wsa8830 Qualcomm snapdragon 778g\+ 5g Mobile Platform Firmware

07 Nov 2023, 12:14

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-11-07 06:15

Updated : 2024-04-12 17:16

NVD link : CVE-2023-21671

Mitre link : CVE-2023-21671

CVE.ORG link : CVE-2023-21671

JSON object : View

Products Affected

qualcomm

wcd9370
wcd9380
qcm6490
wsa8835_firmware
sd888_firmware
wcd9380_firmware
sm7315_firmware
fastconnect_6900_firmware
qca6391
wcn6740
fastconnect_6900
snapdragon_778g\+_5g_mobile_platform_firmware
wcd9375_firmware
qcs6490_firmware
qualcomm_video_collaboration_vc3_platform_firmware
snapdragon_888\+_5g_mobile_platform_
snapdragon_782g_mobile_platform
wcd9375
wsa8830_firmware
wsa8830
wcd9370_firmware
wcn6740_firmware
sm7325p
snapdragon_888_5g_mobile_platform_firmware
snapdragon_780g_5g_mobile_platform
wsa8835
snapdragon_780g_5g_mobile_platform_firmware
fastconnect_6700_firmware
snapdragon_778g\+_5g_mobile_platform
sm7315
qca6391_firmware
snapdragon_782g_mobile_platform_firmware
snapdragon_778g_5g_mobile_platform_firmware
wcd9385
snapdragon_7c\+_gen_3_compute
wcd9385_firmware
sd888
qualcomm_video_collaboration_vc3_platform
qsm8350_firmware
snapdragon_778g_5g_mobile_platform
snapdragon_7c\+_gen_3_compute_firmware
qsm8350
qcs6490
snapdragon_888\+_5g_mobile_platform__firmware
sm7325p_firmware
qcm6490_firmware
snapdragon_888_5g_mobile_platform
fastconnect_6700

CWE

NVD-CWE-noinfo CWE-20

Improper Input Validation

7.8 /10