{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-21639", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "state": "PUBLISHED", "assignerShortName": "qualcomm", "dateReserved": "2022-12-07T02:58:25.866Z", "datePublished": "2023-07-04T04:46:35.233Z", "dateUpdated": "2024-08-02T09:44:01.890Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Snapdragon Auto", "Snapdragon Mobile", "Snapdragon Wearables"], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "AQT1000"}, {"status": "affected", "version": "FastConnect 6200"}, {"status": "affected", "version": "QCA6420"}, {"status": "affected", "version": "QCA6430"}, {"status": "affected", "version": "SA4150P"}, {"status": "affected", "version": "SA4155P"}, {"status": "affected", "version": "SA6155P"}, {"status": "affected", "version": "SA8155P"}, {"status": "affected", "version": "SA8195P"}, {"status": "affected", "version": "SD855"}, {"status": "affected", "version": "Snapdragon 855 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"}, {"status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform"}, {"status": "affected", "version": "SW5100"}, {"status": "affected", "version": "SW5100P"}, {"status": "affected", "version": "WCD9341"}, {"status": "affected", "version": "WCN3980"}, {"status": "affected", "version": "WCN3988"}, {"status": "affected", "version": "WSA8810"}, {"status": "affected", "version": "WSA8815"}, {"status": "affected", "version": "WSA8830"}, {"status": "affected", "version": "WSA8835"}]}], "descriptions": [{"lang": "en", "value": "Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2024-04-12T16:24:48.892Z"}, "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin"}], "title": "Buffer Copy Without Checking the Size of Input in Audio", "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}]}, "adp": [{"affected": [{"vendor": "qualcomm", "product": "aqt1000_firmware", "cpes": ["cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "fastconnect_6200_firmware", "cpes": ["cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "qca6420_firmware", "cpes": ["cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "qca6430_firmware", "cpes": ["cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sa4150p_firmware", "cpes": ["cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sa4155p_firmware", "cpes": ["cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sa6155p_firmware", "cpes": ["cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sa8155p_firmware", "cpes": ["cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sa8195p_firmware", "cpes": ["cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sd855_firmware", "cpes": ["cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "snapdragon_855_mobile_platform_firmware", "cpes": ["cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sw5100_firmware", "cpes": ["cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "sw5100p_firmware", "cpes": ["cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "wcd9341_firmware", "cpes": ["cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "wcn3980_firmware", "cpes": ["cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "wcn3988_firmware", "cpes": ["cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "wsa8810_firmware", "cpes": ["cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "wsa8815_firmware", "cpes": ["cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "wsa8830_firmware", "cpes": ["cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "qualcomm", "product": "wsa8835_firmware", "cpes": ["cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T20:27:26.591205Z", "id": "CVE-2023-21639", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T20:27:32.719Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:44:01.890Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:44:01.890Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-21639", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-11T20:27:26.591205Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "aqt1000_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "fastconnect_6200_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "qca6420_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "qca6430_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sa4150p_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sa4155p_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sa6155p_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sa8155p_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sa8195p_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sd855_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "snapdragon_855_mobile_platform_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sw5100_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "sw5100p_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wcd9341_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wcn3980_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wcn3988_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wsa8810_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wsa8815_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wsa8830_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*"], "vendor": "qualcomm", "product": "wsa8835_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T20:27:20.827Z"}}], "cna": {"title": "Buffer Copy Without Checking the Size of Input in Audio", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Qualcomm, Inc.", "product": "Snapdragon", "versions": [{"status": "affected", "version": "AQT1000"}, {"status": "affected", "version": "FastConnect 6200"}, {"status": "affected", "version": "QCA6420"}, {"status": "affected", "version": "QCA6430"}, {"status": "affected", "version": "SA4150P"}, {"status": "affected", "version": "SA4155P"}, {"status": "affected", "version": "SA6155P"}, {"status": "affected", "version": "SA8155P"}, {"status": "affected", "version": "SA8195P"}, {"status": "affected", "version": "SD855"}, {"status": "affected", "version": "Snapdragon 855 Mobile Platform"}, {"status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"}, {"status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform"}, {"status": "affected", "version": "SW5100"}, {"status": "affected", "version": "SW5100P"}, {"status": "affected", "version": "WCD9341"}, {"status": "affected", "version": "WCN3980"}, {"status": "affected", "version": "WCN3988"}, {"status": "affected", "version": "WSA8810"}, {"status": "affected", "version": "WSA8815"}, {"status": "affected", "version": "WSA8830"}, {"status": "affected", "version": "WSA8835"}], "platforms": ["Snapdragon Auto", "Snapdragon Mobile", "Snapdragon Wearables"], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin"}], "descriptions": [{"lang": "en", "value": "Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2024-04-12T16:24:48.892Z"}}}, "cveMetadata": {"cveId": "CVE-2023-21639", "state": "PUBLISHED", "dateUpdated": "2024-08-02T09:44:01.890Z", "dateReserved": "2022-12-07T02:58:25.866Z", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "datePublished": "2023-07-04T04:46:35.233Z", "assignerShortName": "qualcomm"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC6FCE91-BF38-49ED-8FFB-429BAFEE7832", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*", "matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "47E674DE-55AB-44E5-8E00-C804FC9D4DC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "95AFC483-1468-43FC-96FA-A56165C290E0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A963FDF-6FF4-4F48-834E-2A14D241716D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0DC99C0C-8AE3-4918-B91D-2C26990FE931", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*", "matchCriteriaId": "A558A868-1B67-48D2-8A94-FDEA7126FAE7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8D28764-EF4F-4FB3-B936-B42397450EFD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*", "matchCriteriaId": "7964A762-467B-47D7-865F-30D48A0AE47C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*", "matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*", "matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "42B30014-95AB-4F24-A7A5-60A907502609", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*", "matchCriteriaId": "F562ED3D-CBE3-4DCC-BFBB-DE0AD2425A9C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_855_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5501670-56E2-48B6-ACFC-67F908D5ECCA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_855:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3AB9254-8202-411C-9700-C2739D9C317C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_855\\+\\/860_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D3B35BA-D853-40D6-9E25-BF686FC72CC4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_855\\+\\/860:-:*:*:*:*:*:*:*", "matchCriteriaId": "37778EA4-A0E2-4E5A-BB6C-0AEAEDB2B4A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_w5\\+_gen_1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "158F6ED7-FB30-47BF-BDAE-91BED7A58157", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_w5\\+_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "89A06BE0-4F54-4591-836D-4D70D9976BBE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*", "matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client."}], "id": "CVE-2023-21639", "lastModified": "2024-04-12T17:16:44.600", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "product-security@qualcomm.com", "type": "Secondary"}]}, "published": "2023-07-04T05:15:10.397", "references": [{"source": "product-security@qualcomm.com", "tags": ["Vendor Advisory"], "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "product-security@qualcomm.com", "type": "Secondary"}]}

{}