CVE-2023-43543

Published: Jun 3, 2024Modified: Jan 27, 2025

7.0

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.0 / Impact: 5.9

Source: NVD

Description

Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph object.

Affected (16)

Products: Qualcomm: Qam8255p Firmware, Qam8775p Firmware, Qca6584au Firmware, Qca6698aq Firmware, Sa8255p Firmware, Sa8770p Firmware, Sa8775p Firmware, Sa9000p Firmware, Snapdragon Auto 5g Modem Rf Gen 2 Firmware, Snapdragon W5+ Gen 1 Wearable Firmware, Sw5100 Firmware, Sw5100p Firmware, Wcn3980 Firmware, Wcn3988 Firmware, Wsa8830 Firmware, Wsa8835 Firmware

16 products

Snapdragon Auto 5g Modem Rf Gen 2 Firmware

Snapdragon W5+ Gen 1 Wearable Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8255p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8255p	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8775p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8775p	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6584au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6584au	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6698aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6698aq	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8255p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8255p	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8770p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8770p	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8775p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8775p	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa9000p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa9000p	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Auto 5g Modem Rf Gen 2 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Auto 5g Modem Rf Gen 2	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon W5+ Gen 1 Wearable Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon W5+ Gen 1 Wearable	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100p	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3980 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3980	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3988 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3988	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (2)

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html

Source: product-security@qualcomm.com

PatchVendor Advisory

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.