Memory corruption in HAB Memory management due to broad system privileges via physical address.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Qualcomm
  • Sa8295p Firmware
  • Sa8195p Firmware
  • Sa8150p
  • Sa9000p
  • Sa8155p
  • Qca6696
  • Qca6574au Firmware
  • Sa8145p
  • Sa8195p
  • Sa8295p
  • Sa8155p Firmware
  • Qam8295p Firmware
  • Sa6150p
  • Sa6145p
  • Sa8150p Firmware
  • Sa9000p Firmware
  • Sa8145p Firmware
  • Sa8540p
  • Sa6150p Firmware
  • Qca6696 Firmware
  • Qca6574au
  • Sa6145p Firmware
  • Sa6155p Firmware
  • Sa6155p
  • Sa8540p Firmware
  • Qam8295p

Configuration 1 [-]

AND
cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*
References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: qualcomm

Published: 2023-05-02T05:08:55.702Z

Updated: 2024-07-11T20:20:26.056Z

Reserved: 2022-12-07T02:58:25.866Z

Link: CVE-2023-21642

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2023-05-02T06:15:10.347

Modified: 2024-04-12T17:16:45.337

Link: CVE-2023-21642

JSON object: View

cve-icon Redhat Information

No data.

CWE