CVE-2023-43544

Published: Jun 3, 2024Modified: Jan 27, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

Affected (27)

Products: Qualcomm: Ar8035 Firmware, Fastconnect 7800 Firmware, Qam8255p Firmware, Qam8775p Firmware, Qca6584au Firmware, Qca6698aq Firmware, Qca8081 Firmware, Qca8337 Firmware, Qcc710 Firmware, Qcn6224 Firmware, Qcn6274 Firmware, Qfw7114 Firmware, Qfw7124 Firmware, Sa8255p Firmware, Sa8770p Firmware, Sa8775p Firmware, Sa9000p Firmware, Snapdragon Auto 5g Modem Rf Gen 2 Firmware, Snapdragon W5+ Gen 1 Wearable Firmware, Snapdragon X75 5g Modem Rf Firmware, Sw5100 Firmware, Sw5100p Firmware, Wcd9340 Firmware, Wcn3980 Firmware, Wcn3988 Firmware, Wsa8830 Firmware, Wsa8835 Firmware

Qualcomm

27 products

Ar8035 Firmware

Fastconnect 7800 Firmware

Snapdragon Auto 5g Modem Rf Gen 2 Firmware

Snapdragon W5+ Gen 1 Wearable Firmware

Snapdragon X75 5g Modem Rf Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8035 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8035	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 7800 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 7800	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8255p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8255p	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8775p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8775p	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6584au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6584au	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6698aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6698aq	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8081 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8081	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcc710 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcc710	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6224 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6224	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6274 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6274	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7114 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7114	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7124 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7124	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8255p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8255p	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8770p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8770p	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8775p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8775p	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa9000p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa9000p	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Auto 5g Modem Rf Gen 2 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Auto 5g Modem Rf Gen 2	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon W5+ Gen 1 Wearable Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon W5+ Gen 1 Wearable	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X75 5g Modem Rf Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X75 5g Modem Rf	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100p	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3980 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3980	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3988 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3988	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (2)

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html

Source: product-security@qualcomm.com

PatchVendor Advisory

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.