CVE-2023-21632

Memory corruption in Automotive GPU while querying a gsl memory node.

CVSS v3 8.4 HIGH

8.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin	Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8064au:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_820_automotive_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_820_automotive_platform:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:43

Type	Values Removed	Values Added
References	~~() https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - Vendor Advisory~~	() https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 8.4

12 Apr 2024, 17:16

Type	Values Removed	Values Added
CWE		CWE-121

10 Jun 2023, 02:09

Type	Values Removed	Values Added
References	~~(MISC) https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin -~~	(MISC) https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		CWE-787
CPE		cpe:2.3:o:qualcomm:qca6584au_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6564au:-:::::::* cpe:2.3:o:qualcomm:qam8295p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8295p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6150p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6155p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8155p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6595_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6595:-:::::::* cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8295p:-:::::::* cpe:2.3:h:qualcomm:sa9000p:-:::::::* cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::* cpe:2.3:h:qualcomm:sa6155:-:::::::* cpe:2.3:h:qualcomm:apq8064au:-:::::::* cpe:2.3:o:qualcomm:sa8540p_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_820_automotive_platform:-:::::::* cpe:2.3:h:qualcomm:sa6150p:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6584au:-:::::::* cpe:2.3:h:qualcomm:qca6595au:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:h:qualcomm:msm8996au:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8150p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6145p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6564a_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:o:qualcomm:msm8996au_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8195p:-:::::::* cpe:2.3:o:qualcomm:sa8195p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8540p:-:::::::* cpe:2.3:h:qualcomm:sa8155:-:::::::* cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:o:qualcomm:snapdragon_820_automotive_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8145p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6574a_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6574a:-:::::::* cpe:2.3:h:qualcomm:qca6564a:-:::::::* cpe:2.3:h:qualcomm:sa6155p:-:::::::* cpe:2.3:h:qualcomm:sa8145p:-:::::::* cpe:2.3:h:qualcomm:qam8295p:-:::::::* cpe:2.3:h:qualcomm:sa8150p:-:::::::* cpe:2.3:o:qualcomm:apq8064au_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6564au_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8155_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6155_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8155p:-:::::::* cpe:2.3:h:qualcomm:sa6145p:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::*

06 Jun 2023, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-06 08:15

Updated : 2024-11-21 07:43

NVD link : CVE-2023-21632

Mitre link : CVE-2023-21632

CVE.ORG link : CVE-2023-21632

JSON object : View

Products Affected

qualcomm

sa8195p_firmware
qca6696_firmware
sa6155_firmware
apq8064au_firmware
sa8540p
qca6574a_firmware
sa8195p
qca6584au
qca6564a_firmware
apq8064au
qca6564au
msm8996au_firmware
qam8295p
sa8295p_firmware
sa8155p
qca6564a
sa6155
sa6150p_firmware
sa8155
snapdragon_820_automotive_platform_firmware
qca6698aq
sa9000p
sa8150p_firmware
sa6155p_firmware
msm8996au
qam8295p_firmware
sa8145p_firmware
sa8150p
qca6574au_firmware
sa6145p
sa6150p
sa8295p
sa8145p
qca6595au
qca6595_firmware
sa8540p_firmware
snapdragon_820_automotive_platform
qca6698aq_firmware
qca6574a
qca6595
qca6584au_firmware
sa9000p_firmware
qca6696
qca6595au_firmware
sa6145p_firmware
qca6574au
qca6564au_firmware
sa6155p
sa8155p_firmware
sa8155_firmware

CWE

CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write

8.4 /10