CVE-2023-21630

nvd nist

Published: Apr 13, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

Affected (42)

Products: Qualcomm: Qca6391 Firmware, Qca6574 Firmware, Qca6574a Firmware, Qca6574au Firmware, Qca6595au Firmware, Qca6696 Firmware, Sa6155p Firmware, Sa8155p Firmware, Sa8195p Firmware, Sd680 Firmware, Sd778g Firmware, Sd888 Firmware, Sg4150p Firmware, Sm6225 Ad Firmware, Sm7315 Firmware, Sm7325 Firmware, Sm7325 Ae Firmware, Sm7325 Af Firmware, Sm7325p Firmware, Sm7350 Ab Firmware, Sm8350 Firmware, Sm8350 Ac Firmware, Sm8450 Firmware, Sm8475 Firmware, Sw5100 Firmware, Sw5100p Firmware, Wcd9370 Firmware, Wcd9375 Firmware, Wcd9380 Firmware, Wcd9385 Firmware, Wcn3950 Firmware, Wcn3980 Firmware, Wcn3988 Firmware, Wcn6740 Firmware, Wcn6750 Firmware, Wcn685x 1 Firmware, Wcn685x 5 Firmware, Wcn785x 1 Firmware, Wcn785x 5 Firmware, Wsa8810 Firmware, Wsa8830 Firmware, Wsa8835 Firmware

42 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6391 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6391	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574a	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574au	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6595au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6595au	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6696 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6696	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa6155p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa6155p	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8155p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8155p	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8195p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8195p	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd680 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd680	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd778g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd778g	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd888 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd888	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sg4150p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sg4150p	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm6225 Ad Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm6225 Ad	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7315 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7315	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7325 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7325	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7325 Ae Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7325 Ae	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7325 Af Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7325 Af	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7325p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7325p	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm7350 Ab Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm7350 Ab	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8350 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8350	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8350 Ac Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8350 Ac	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8450 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8450	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8475 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8475	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100p	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9370 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9370	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9375 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9375	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9385 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9385	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3950 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3950	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3980 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3980	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3988 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3988	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6740 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6740	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6750 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6750	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 1	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 5	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 1	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 5	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Related CWEs

CWE-190

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

CWE-191

Integer Underflow (Wrap or Wraparound)

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Source: product-security@qualcomm.com

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.