CVE-2023-43515 - Vulnerability Details

Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Qualcomm	Fastconnect 6900 Fastconnect 6900 Firmware Fastconnect 7800 Fastconnect 7800 Firmware Snapdragon 8 Gen 1 Mobile Snapdragon 8 Gen 1 Mobile Firmware Wcd9380 Wcd9380 Firmware Wsa8830 Wsa8830 Firmware Wsa8835 Wsa8835 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html

History

Tue, 14 Jan 2025 08:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm snapdragon 8 Gen 1 Mobile Qualcomm snapdragon 8 Gen 1 Mobile Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware
CPEs		cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::*
Vendors & Products		Qualcomm Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm snapdragon 8 Gen 1 Mobile Qualcomm snapdragon 8 Gen 1 Mobile Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2024-04-01T15:05:59.198Z

Updated: 2024-08-02T19:44:43.903Z

Reserved: 2023-09-19T14:48:15.089Z

Link: CVE-2023-43515

Vulnrichment

Updated: 2024-08-02T19:44:43.903Z

NVD

Status : Analyzed

Published: 2024-04-01T15:15:48.027

Modified: 2025-01-13T21:53:32.407

Link: CVE-2023-43515

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact Low

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact Low

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object