Vulnerability-Lookup

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.522Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-48399",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-12T20:44:22.516096Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T17:07:01.038Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ProtocolMiscATCommandAdapter::Init() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:53.695Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48399",
    "datePublished": "2023-12-08T15:39:41.216Z",
    "dateReserved": "2023-11-16T16:08:52.675Z",
    "dateUpdated": "2024-12-02T17:07:01.038Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48423 (GCVE-0-2023-48423)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:46 – Updated: 2024-08-02 21:30

Summary

In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Remote code execution

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.959Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote code execution",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:59.526Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48423",
    "datePublished": "2023-12-08T15:46:09.691Z",
    "dateReserved": "2023-11-16T16:28:09.701Z",
    "dateUpdated": "2024-08-02T21:30:34.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48401 (GCVE-0-2023-48401)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:39 – Updated: 2024-08-02 21:30

Summary

In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.013Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:53.978Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48401",
    "datePublished": "2023-12-08T15:39:55.199Z",
    "dateReserved": "2023-11-16T16:08:52.675Z",
    "dateUpdated": "2024-08-02T21:30:35.013Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48406 (GCVE-0-2023-48406)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:41 – Updated: 2024-08-28 15:49

Summary

there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.991Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-48406",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-28T15:47:25.658601Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-269",
                "description": "CWE-269 Improper Privilege Management",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-28T15:49:45.122Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:55.375Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48406",
    "datePublished": "2023-12-08T15:41:14.448Z",
    "dateReserved": "2023-11-16T16:08:52.676Z",
    "dateUpdated": "2024-08-28T15:49:45.122Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48405 (GCVE-0-2023-48405)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:41 – Updated: 2024-08-02 21:30

Summary

there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:55.094Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48405",
    "datePublished": "2023-12-08T15:41:02.058Z",
    "dateReserved": "2023-11-16T16:08:52.675Z",
    "dateUpdated": "2024-08-02T21:30:35.317Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48414 (GCVE-0-2023-48414)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:44 – Updated: 2024-08-02 21:30

Summary

In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.010Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:57.733Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48414",
    "datePublished": "2023-12-08T15:44:49.224Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-08-02T21:30:35.010Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22383 (GCVE-0-2023-22383)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:03 – Updated: 2024-08-02 10:07

Title

Use After Free in Camera

Summary

Memory Corruption in camera while installing a fd for a particular DMA buffer.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AQT1000 Affected: C-V2X 9150 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: QAM8295P Affected: QCA6391 Affected: QCA6420 Affected: QCA6426 Affected: QCA6430 Affected: QCA6436 Affected: QCA6574AU Affected: QCA6696 Affected: QCA8337 Affected: QCN9074 Affected: QCS410 Affected: QCS610 Affected: QCS6490 Affected: QCS8155 Affected: QSM8250 Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SD855 Affected: SD865 5G Affected: SDX55 Affected: Snapdragon 855 Mobile Platform Affected: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon Wear 4100+ Platform Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: SW5100 Affected: SW5100P Affected: SXR2130 Affected: WCD9341 Affected: WCD9370 Affected: WCD9380 Affected: WCN3610 Affected: WCN3660B Affected: WCN3680B Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:06.566Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "C-V2X 9150"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6700"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCN9074"
            },
            {
              "status": "affected",
              "version": "QCS410"
            },
            {
              "status": "affected",
              "version": "QCS610"
            },
            {
              "status": "affected",
              "version": "QCS6490"
            },
            {
              "status": "affected",
              "version": "QCS8155"
            },
            {
              "status": "affected",
              "version": "QSM8250"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC1 Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC3 Platform"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SD855"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SDX55"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 4100+ Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3610"
            },
            {
              "status": "affected",
              "version": "WCN3660B"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory Corruption in camera while installing a fd for a particular DMA buffer."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:10:28.776Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Use After Free in Camera"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-22383",
    "datePublished": "2023-12-05T03:03:44.642Z",
    "dateReserved": "2022-12-21T07:26:32.617Z",
    "dateUpdated": "2024-08-02T10:07:06.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48407 (GCVE-0-2023-48407)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:41 – Updated: 2024-08-02 21:30

Summary

there is a possible DCK won't be deleted after factory reset due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "there is a possible DCK won\u0027t be deleted after factory reset due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:55.665Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48407",
    "datePublished": "2023-12-08T15:41:25.931Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-08-02T21:30:35.109Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48402 (GCVE-0-2023-48402)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:40 – Updated: 2024-08-02 21:30

Summary

In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.306Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:54.258Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48402",
    "datePublished": "2023-12-08T15:40:06.275Z",
    "dateReserved": "2023-11-16T16:08:52.675Z",
    "dateUpdated": "2024-08-02T21:30:35.306Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48408 (GCVE-0-2023-48408)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:41 – Updated: 2024-08-02 21:30

Summary

In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.129Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:55.958Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48408",
    "datePublished": "2023-12-08T15:41:36.065Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-08-02T21:30:35.129Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28579 (GCVE-0-2023-28579)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:03 – Updated: 2024-10-10 19:53

Title

Buffer Copy Without Checking Size of Input in WLAN Host

Summary

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8295P Affected: QCA6391 Affected: QCA6574AU Affected: QCA6595AU Affected: QCA6696 Affected: QCS410 Affected: QCS610 Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: SW5100 Affected: SW5100P Affected: WCD9341 Affected: WCD9370 Affected: WCD9380 Affected: WCN3660B Affected: WCN3680B Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:22.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "FastConnect 6900"
              },
              {
                "status": "affected",
                "version": "FastConnect 7800"
              },
              {
                "status": "affected",
                "version": "QAM8295P"
              },
              {
                "status": "affected",
                "version": "QCA6391"
              },
              {
                "status": "affected",
                "version": "QCA6574AU"
              },
              {
                "status": "affected",
                "version": "QCA6595AU"
              },
              {
                "status": "affected",
                "version": "QCA6696"
              },
              {
                "status": "affected",
                "version": "QCS410"
              },
              {
                "status": "affected",
                "version": "QCS610"
              },
              {
                "status": "affected",
                "version": "Qualcomm Video Collaboration VC1 Platform"
              },
              {
                "status": "affected",
                "version": "Qualcomm Video Collaboration VC3 Platform"
              },
              {
                "status": "affected",
                "version": "SA6145P"
              },
              {
                "status": "affected",
                "version": "SA6150P"
              },
              {
                "status": "affected",
                "version": "SA6155P"
              },
              {
                "status": "affected",
                "version": "SA8145P"
              },
              {
                "status": "affected",
                "version": "SA8150P"
              },
              {
                "status": "affected",
                "version": "SA8155P"
              },
              {
                "status": "affected",
                "version": "SA8195P"
              },
              {
                "status": "affected",
                "version": "SA8295P"
              },
              {
                "status": "affected",
                "version": "Snapdragon 8 Gen 1 Mobile Platform"
              },
              {
                "status": "affected",
                "version": "SW5100"
              },
              {
                "status": "affected",
                "version": "SW5100P"
              },
              {
                "status": "affected",
                "version": "WCD9341"
              },
              {
                "status": "affected",
                "version": "WCD9370"
              },
              {
                "status": "affected",
                "version": "WCD9380"
              },
              {
                "status": "affected",
                "version": "WCN3660B"
              },
              {
                "status": "affected",
                "version": "WCN3680B"
              },
              {
                "status": "affected",
                "version": "WCN3950"
              },
              {
                "status": "affected",
                "version": "WCN3980"
              },
              {
                "status": "affected",
                "version": "WCN3988"
              },
              {
                "status": "affected",
                "version": "WSA8810"
              },
              {
                "status": "affected",
                "version": "WSA8815"
              },
              {
                "status": "affected",
                "version": "WSA8830"
              },
              {
                "status": "affected",
                "version": "WSA8835"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28579",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-08T05:00:38.210901Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-10T19:53:32.174Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCS410"
            },
            {
              "status": "affected",
              "version": "QCS610"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC1 Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC3 Platform"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3660B"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:10:48.344Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Buffer Copy Without Checking Size of Input in WLAN Host"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-28579",
    "datePublished": "2023-12-05T03:03:51.357Z",
    "dateReserved": "2023-03-17T11:41:45.852Z",
    "dateUpdated": "2024-10-10T19:53:32.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48398 (GCVE-0-2023-48398)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:39 – Updated: 2024-10-09 14:39

Summary

In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.917Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-48398",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-31T20:04:38.102362Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-09T14:39:48.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:53.396Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48398",
    "datePublished": "2023-12-08T15:39:26.464Z",
    "dateReserved": "2023-11-16T16:08:52.675Z",
    "dateUpdated": "2024-10-09T14:39:48.724Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48403 (GCVE-0-2023-48403)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:40 – Updated: 2024-08-02 21:30

Summary

In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

https://semiconductor.samsung.com/support/quality…

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.796Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:54.556Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48403",
    "datePublished": "2023-12-08T15:40:19.105Z",
    "dateReserved": "2023-11-16T16:08:52.675Z",
    "dateUpdated": "2024-08-02T21:30:34.796Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-41111 (GCVE-0-2023-41111)

Vulnerability from cvelistv5 – Published: 2023-11-08 00:00 – Updated: 2024-09-17 13:02

Summary

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AC:L/AV:N/A:H/C:N/I:L/PR:L/S:U/UI:N

CWE

Assigner

mitre

References

URL

Tags

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:54:03.842Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-41111",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T14:28:27.329880Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-17T13:02:06.249Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:L/PR:L/S:U/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-08T07:50:56.369Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-41111",
    "datePublished": "2023-11-08T00:00:00.000Z",
    "dateReserved": "2023-08-23T00:00:00.000Z",
    "dateUpdated": "2024-09-17T13:02:06.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22668 (GCVE-0-2023-22668)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:03 – Updated: 2026-02-25 16:51

Title

Use After Free in Audio

Summary

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AQT1000 Affected: AR8035 Affected: FastConnect 6200 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8255P Affected: QAM8775P Affected: QCA6391 Affected: QCA6420 Affected: QCA6426 Affected: QCA6430 Affected: QCA6436 Affected: QCA6584AU Affected: QCA6698AQ Affected: QCA8081 Affected: QCA8337 Affected: QCC710 Affected: QCN6224 Affected: QCN6274 Affected: QFW7114 Affected: QFW7124 Affected: Qualcomm 205 Mobile Platform Affected: Qualcomm 215 Mobile Platform Affected: SA8255P Affected: SA8770P Affected: SA8775P Affected: SA9000P Affected: SD855 Affected: SD865 5G Affected: Snapdragon 210 Processor Affected: Snapdragon 212 Mobile Platform Affected: Snapdragon 855 Mobile Platform Affected: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon Auto 5G Modem-RF Gen 2 Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon Wear 4100+ Platform Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: SW5100 Affected: SW5100P Affected: SXR2130 Affected: WCD9340 Affected: WCD9341 Affected: WCD9380 Affected: WCN3610 Affected: WCN3980 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:13:49.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22668",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-08T05:00:53.975962Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-25T16:51:09.659Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QAM8255P"
            },
            {
              "status": "affected",
              "version": "QAM8775P"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCC710"
            },
            {
              "status": "affected",
              "version": "QCN6224"
            },
            {
              "status": "affected",
              "version": "QCN6274"
            },
            {
              "status": "affected",
              "version": "QFW7114"
            },
            {
              "status": "affected",
              "version": "QFW7124"
            },
            {
              "status": "affected",
              "version": "Qualcomm 205 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm 215 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "SA8255P"
            },
            {
              "status": "affected",
              "version": "SA8770P"
            },
            {
              "status": "affected",
              "version": "SA8775P"
            },
            {
              "status": "affected",
              "version": "SA9000P"
            },
            {
              "status": "affected",
              "version": "SD855"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "Snapdragon 210 Processor"
            },
            {
              "status": "affected",
              "version": "Snapdragon 212 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF Gen 2"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 4100+ Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X75 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3610"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory Corruption in Audio while invoking IOCTLs calls from the user-space."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:10:32.300Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Use After Free in Audio"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-22668",
    "datePublished": "2023-12-05T03:03:45.703Z",
    "dateReserved": "2023-01-06T05:06:07.907Z",
    "dateUpdated": "2026-02-25T16:51:09.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-48397 (GCVE-0-2023-48397)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:39 – Updated: 2024-08-02 21:30

Summary

In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.960Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:53.103Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48397",
    "datePublished": "2023-12-08T15:39:11.100Z",
    "dateReserved": "2023-11-16T16:08:52.674Z",
    "dateUpdated": "2024-08-02T21:30:34.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48411 (GCVE-0-2023-48411)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:44 – Updated: 2024-10-09 14:38

Summary

In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.363Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-48411",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-31T14:58:45.755347Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-09T14:38:40.342Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:56.858Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48411",
    "datePublished": "2023-12-08T15:44:08.748Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-10-09T14:38:40.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28575 (GCVE-0-2023-28575)

Vulnerability from cvelistv5 – Published: 2023-08-08 09:15 – Updated: 2024-08-02 13:43

Title

Multiple Type Confusion Vulnerability

Summary

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-823 - Use of Out-of-range Pointer Offset

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AQT1000 Affected: C-V2X 9150 Affected: FastConnect 6200 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8295P Affected: QCA6391 Affected: QCA6420 Affected: QCA6426 Affected: QCA6430 Affected: QCA6436 Affected: QCA6574AU Affected: QCA6696 Affected: QCA8337 Affected: QCN9074 Affected: QCS410 Affected: QCS610 Affected: QCS8155 Affected: Qualcomm 205 Mobile Platform Affected: Qualcomm 215 Mobile Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SD855 Affected: SD865 5G Affected: SDX55 Affected: Snapdragon 210 Processor Affected: Snapdragon 212 Mobile Platform Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 855 Mobile Platform Affected: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon Wear 4100+ Platform Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: SW5100 Affected: SW5100P Affected: SXR2130 Affected: WCD9341 Affected: WCD9370 Affected: WCD9380 Affected: WCN3610 Affected: WCN3660B Affected: WCN3680B Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:22.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "C-V2X 9150"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCN9074"
            },
            {
              "status": "affected",
              "version": "QCS410"
            },
            {
              "status": "affected",
              "version": "QCS610"
            },
            {
              "status": "affected",
              "version": "QCS8155"
            },
            {
              "status": "affected",
              "version": "Qualcomm 205 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm 215 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SD855"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SDX55"
            },
            {
              "status": "affected",
              "version": "Snapdragon 210 Processor"
            },
            {
              "status": "affected",
              "version": "Snapdragon 212 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 4100+ Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3610"
            },
            {
              "status": "affected",
              "version": "WCN3660B"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-823",
              "description": "CWE-823 Use of Out-of-range Pointer Offset",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:24:12.547Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
        }
      ],
      "title": "Multiple Type Confusion Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-28575",
    "datePublished": "2023-08-08T09:15:04.824Z",
    "dateReserved": "2023-03-17T11:41:45.850Z",
    "dateUpdated": "2024-08-02T13:43:22.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48410 (GCVE-0-2023-48410)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:41 – Updated: 2024-08-02 21:30

Summary

In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:56.564Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48410",
    "datePublished": "2023-12-08T15:41:59.363Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-08-02T21:30:34.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-33024 (GCVE-0-2023-33024)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:04 – Updated: 2026-02-25 16:51

Title

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface Layer

Summary

Memory corruption while sending SMS from AP firmware.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AQT1000 Affected: AR8035 Affected: FastConnect 6200 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8295P Affected: QCA6310 Affected: QCA6320 Affected: QCA6391 Affected: QCA6420 Affected: QCA6426 Affected: QCA6430 Affected: QCA6436 Affected: QCA6574AU Affected: QCA6595AU Affected: QCA6696 Affected: QCA6698AQ Affected: QCA8081 Affected: QCA8337 Affected: QCC710 Affected: QCN6224 Affected: QCN6274 Affected: QFW7114 Affected: QFW7124 Affected: SA4150P Affected: SA4155P Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: SD835 Affected: SD855 Affected: SD865 5G Affected: Snapdragon 835 Mobile PC Platform Affected: Snapdragon 855 Mobile Platform Affected: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon Auto 5G Modem-RF Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon Wear 4100+ Platform Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: SW5100 Affected: SW5100P Affected: SXR2130 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9380 Affected: WCN3610 Affected: WCN3660B Affected: WCN3680B Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:32:46.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-33024",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-08T05:00:43.369762Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-25T16:51:08.468Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6310"
            },
            {
              "status": "affected",
              "version": "QCA6320"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCC710"
            },
            {
              "status": "affected",
              "version": "QCN6224"
            },
            {
              "status": "affected",
              "version": "QCN6274"
            },
            {
              "status": "affected",
              "version": "QFW7114"
            },
            {
              "status": "affected",
              "version": "QFW7124"
            },
            {
              "status": "affected",
              "version": "SA4150P"
            },
            {
              "status": "affected",
              "version": "SA4155P"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SD835"
            },
            {
              "status": "affected",
              "version": "SD855"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "Snapdragon 835 Mobile PC Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 4100+ Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X75 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3610"
            },
            {
              "status": "affected",
              "version": "WCN3660B"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN3990"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption while sending SMS from AP firmware."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:11:23.839Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface Layer"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-33024",
    "datePublished": "2023-12-05T03:04:03.310Z",
    "dateReserved": "2023-05-17T09:28:53.120Z",
    "dateUpdated": "2026-02-25T16:51:08.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-48421 (GCVE-0-2023-48421)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:45 – Updated: 2025-05-27 15:24

Summary

In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.072Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-48421",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T15:22:51.669742Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-27T15:24:17.631Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:58.967Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48421",
    "datePublished": "2023-12-08T15:45:30.914Z",
    "dateReserved": "2023-11-16T16:28:09.701Z",
    "dateUpdated": "2025-05-27T15:24:17.631Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28580 (GCVE-0-2023-28580)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:03 – Updated: 2025-05-29 13:33

Title

Buffer Copy Without Checking Size of Input in WLAN Host

Summary

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AR8035 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8295P Affected: QCA6391 Affected: QCA6574AU Affected: QCA6595AU Affected: QCA6696 Affected: QCA8081 Affected: QCA8337 Affected: QCC710 Affected: QCN6224 Affected: QCN6274 Affected: QCS410 Affected: QCS610 Affected: QFW7114 Affected: QFW7124 Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon X75 5G Modem-RF System Affected: SW5100 Affected: SW5100P Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9380 Affected: WCN3660B Affected: WCN3680B Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:23.205Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28580",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-29T13:32:46.608228Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T13:33:01.647Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCC710"
            },
            {
              "status": "affected",
              "version": "QCN6224"
            },
            {
              "status": "affected",
              "version": "QCN6274"
            },
            {
              "status": "affected",
              "version": "QCS410"
            },
            {
              "status": "affected",
              "version": "QCS610"
            },
            {
              "status": "affected",
              "version": "QFW7114"
            },
            {
              "status": "affected",
              "version": "QFW7124"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC1 Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC3 Platform"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X75 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3660B"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:10:51.738Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Buffer Copy Without Checking Size of Input in WLAN Host"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-28580",
    "datePublished": "2023-12-05T03:03:52.368Z",
    "dateReserved": "2023-03-17T11:41:45.852Z",
    "dateUpdated": "2025-05-29T13:33:01.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48413 (GCVE-0-2023-48413)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:44 – Updated: 2024-08-02 21:30

Summary

In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.398Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:57.454Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48413",
    "datePublished": "2023-12-08T15:44:38.268Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-08-02T21:30:35.398Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-33041 (GCVE-0-2023-33041)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:04 – Updated: 2024-08-02 15:32

Title

Reachable assertion in WLAN Firmware

Summary

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-617 - Reachable Assertion

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AR8035 Affected: CSR8811 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: Flight RB5 5G Platform Affected: Immersive Home 214 Platform Affected: Immersive Home 216 Platform Affected: Immersive Home 316 Platform Affected: Immersive Home 318 Platform Affected: Immersive Home 3210 Platform Affected: Immersive Home 326 Platform Affected: IPQ5010 Affected: IPQ5028 Affected: IPQ5332 Affected: IPQ6000 Affected: IPQ6010 Affected: IPQ6018 Affected: IPQ6028 Affected: IPQ8070 Affected: IPQ8070A Affected: IPQ8071A Affected: IPQ8072A Affected: IPQ8074A Affected: IPQ8076 Affected: IPQ8076A Affected: IPQ8078 Affected: IPQ8078A Affected: IPQ8173 Affected: IPQ8174 Affected: IPQ9008 Affected: IPQ9554 Affected: IPQ9570 Affected: IPQ9574 Affected: PMP8074 Affected: QAM8255P Affected: QAM8650P Affected: QAM8775P Affected: QCA0000 Affected: QCA4024 Affected: QCA6391 Affected: QCA6554A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6797AQ Affected: QCA8072 Affected: QCA8075 Affected: QCA8081 Affected: QCA8082 Affected: QCA8084 Affected: QCA8085 Affected: QCA8337 Affected: QCA8386 Affected: QCA9888 Affected: QCA9889 Affected: QCC2073 Affected: QCC2076 Affected: QCC710 Affected: QCF8000 Affected: QCF8001 Affected: QCM8550 Affected: QCN5021 Affected: QCN5022 Affected: QCN5024 Affected: QCN5052 Affected: QCN5054 Affected: QCN5122 Affected: QCN5124 Affected: QCN5152 Affected: QCN5154 Affected: QCN5164 Affected: QCN6023 Affected: QCN6024 Affected: QCN6112 Affected: QCN6122 Affected: QCN6132 Affected: QCN6224 Affected: QCN6274 Affected: QCN9000 Affected: QCN9011 Affected: QCN9012 Affected: QCN9013 Affected: QCN9022 Affected: QCN9024 Affected: QCN9070 Affected: QCN9072 Affected: QCN9074 Affected: QCN9100 Affected: QCN9274 Affected: QFW7114 Affected: QFW7124 Affected: QRB5165M Affected: QRB5165N Affected: Robotics RB5 Platform Affected: SC8380XP Affected: SDX55 Affected: SDX65M Affected: SM8550P Affected: Snapdragon 8 Gen 2 Mobile Platform Affected: Snapdragon 8+ Gen 2 Mobile Platform Affected: Snapdragon AR2 Gen 1 Platform Affected: Snapdragon X65 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: SSG2115P Affected: SSG2125P Affected: SXR1230P Affected: SXR2230P Affected: WCD9340 Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3980 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:32:46.553Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Consumer Electronics Connectivity",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wired Infrastructure and Networking"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "CSR8811"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "Flight RB5 5G Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 214 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 216 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 316 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 318 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 3210 Platform"
            },
            {
              "status": "affected",
              "version": "Immersive Home 326 Platform"
            },
            {
              "status": "affected",
              "version": "IPQ5010"
            },
            {
              "status": "affected",
              "version": "IPQ5028"
            },
            {
              "status": "affected",
              "version": "IPQ5332"
            },
            {
              "status": "affected",
              "version": "IPQ6000"
            },
            {
              "status": "affected",
              "version": "IPQ6010"
            },
            {
              "status": "affected",
              "version": "IPQ6018"
            },
            {
              "status": "affected",
              "version": "IPQ6028"
            },
            {
              "status": "affected",
              "version": "IPQ8070"
            },
            {
              "status": "affected",
              "version": "IPQ8070A"
            },
            {
              "status": "affected",
              "version": "IPQ8071A"
            },
            {
              "status": "affected",
              "version": "IPQ8072A"
            },
            {
              "status": "affected",
              "version": "IPQ8074A"
            },
            {
              "status": "affected",
              "version": "IPQ8076"
            },
            {
              "status": "affected",
              "version": "IPQ8076A"
            },
            {
              "status": "affected",
              "version": "IPQ8078"
            },
            {
              "status": "affected",
              "version": "IPQ8078A"
            },
            {
              "status": "affected",
              "version": "IPQ8173"
            },
            {
              "status": "affected",
              "version": "IPQ8174"
            },
            {
              "status": "affected",
              "version": "IPQ9008"
            },
            {
              "status": "affected",
              "version": "IPQ9554"
            },
            {
              "status": "affected",
              "version": "IPQ9570"
            },
            {
              "status": "affected",
              "version": "IPQ9574"
            },
            {
              "status": "affected",
              "version": "PMP8074"
            },
            {
              "status": "affected",
              "version": "QAM8255P"
            },
            {
              "status": "affected",
              "version": "QAM8650P"
            },
            {
              "status": "affected",
              "version": "QAM8775P"
            },
            {
              "status": "affected",
              "version": "QCA0000"
            },
            {
              "status": "affected",
              "version": "QCA4024"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6554A"
            },
            {
              "status": "affected",
              "version": "QCA6564AU"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA6797AQ"
            },
            {
              "status": "affected",
              "version": "QCA8072"
            },
            {
              "status": "affected",
              "version": "QCA8075"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8082"
            },
            {
              "status": "affected",
              "version": "QCA8084"
            },
            {
              "status": "affected",
              "version": "QCA8085"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCA8386"
            },
            {
              "status": "affected",
              "version": "QCA9888"
            },
            {
              "status": "affected",
              "version": "QCA9889"
            },
            {
              "status": "affected",
              "version": "QCC2073"
            },
            {
              "status": "affected",
              "version": "QCC2076"
            },
            {
              "status": "affected",
              "version": "QCC710"
            },
            {
              "status": "affected",
              "version": "QCF8000"
            },
            {
              "status": "affected",
              "version": "QCF8001"
            },
            {
              "status": "affected",
              "version": "QCM8550"
            },
            {
              "status": "affected",
              "version": "QCN5021"
            },
            {
              "status": "affected",
              "version": "QCN5022"
            },
            {
              "status": "affected",
              "version": "QCN5024"
            },
            {
              "status": "affected",
              "version": "QCN5052"
            },
            {
              "status": "affected",
              "version": "QCN5054"
            },
            {
              "status": "affected",
              "version": "QCN5122"
            },
            {
              "status": "affected",
              "version": "QCN5124"
            },
            {
              "status": "affected",
              "version": "QCN5152"
            },
            {
              "status": "affected",
              "version": "QCN5154"
            },
            {
              "status": "affected",
              "version": "QCN5164"
            },
            {
              "status": "affected",
              "version": "QCN6023"
            },
            {
              "status": "affected",
              "version": "QCN6024"
            },
            {
              "status": "affected",
              "version": "QCN6112"
            },
            {
              "status": "affected",
              "version": "QCN6122"
            },
            {
              "status": "affected",
              "version": "QCN6132"
            },
            {
              "status": "affected",
              "version": "QCN6224"
            },
            {
              "status": "affected",
              "version": "QCN6274"
            },
            {
              "status": "affected",
              "version": "QCN9000"
            },
            {
              "status": "affected",
              "version": "QCN9011"
            },
            {
              "status": "affected",
              "version": "QCN9012"
            },
            {
              "status": "affected",
              "version": "QCN9013"
            },
            {
              "status": "affected",
              "version": "QCN9022"
            },
            {
              "status": "affected",
              "version": "QCN9024"
            },
            {
              "status": "affected",
              "version": "QCN9070"
            },
            {
              "status": "affected",
              "version": "QCN9072"
            },
            {
              "status": "affected",
              "version": "QCN9074"
            },
            {
              "status": "affected",
              "version": "QCN9100"
            },
            {
              "status": "affected",
              "version": "QCN9274"
            },
            {
              "status": "affected",
              "version": "QFW7114"
            },
            {
              "status": "affected",
              "version": "QFW7124"
            },
            {
              "status": "affected",
              "version": "QRB5165M"
            },
            {
              "status": "affected",
              "version": "QRB5165N"
            },
            {
              "status": "affected",
              "version": "Robotics RB5 Platform"
            },
            {
              "status": "affected",
              "version": "SC8380XP"
            },
            {
              "status": "affected",
              "version": "SDX55"
            },
            {
              "status": "affected",
              "version": "SDX65M"
            },
            {
              "status": "affected",
              "version": "SM8550P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8+ Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR2 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X65 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X75 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "SSG2115P"
            },
            {
              "status": "affected",
              "version": "SSG2125P"
            },
            {
              "status": "affected",
              "version": "SXR1230P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCD9390"
            },
            {
              "status": "affected",
              "version": "WCD9395"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            },
            {
              "status": "affected",
              "version": "WSA8840"
            },
            {
              "status": "affected",
              "version": "WSA8845"
            },
            {
              "status": "affected",
              "version": "WSA8845H"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:11:27.364Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Reachable assertion in WLAN Firmware"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-33041",
    "datePublished": "2023-12-05T03:04:04.387Z",
    "dateReserved": "2023-05-17T09:28:53.122Z",
    "dateUpdated": "2024-08-02T15:32:46.553Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48415 (GCVE-0-2023-48415)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:44 – Updated: 2024-08-02 21:30

Summary

In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.964Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:58.062Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48415",
    "datePublished": "2023-12-08T15:44:58.834Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-08-02T21:30:34.964Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48416 (GCVE-0-2023-48416)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:45 – Updated: 2024-08-02 21:30

Summary

In multiple locations, there is a possible null dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Denial of service

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.266Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In multiple locations, there is a possible null dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of service",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:58.343Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48416",
    "datePublished": "2023-12-08T15:45:12.359Z",
    "dateReserved": "2023-11-16T16:09:59.940Z",
    "dateUpdated": "2024-08-02T21:30:35.266Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48422 (GCVE-0-2023-48422)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:45 – Updated: 2024-08-02 21:30

Summary

In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:59.245Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48422",
    "datePublished": "2023-12-08T15:45:43.926Z",
    "dateReserved": "2023-11-16T16:28:09.701Z",
    "dateUpdated": "2024-08-02T21:30:35.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48404 (GCVE-0-2023-48404)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:40 – Updated: 2024-08-02 21:30

Summary

In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:34.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:54.821Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48404",
    "datePublished": "2023-12-08T15:40:50.008Z",
    "dateReserved": "2023-11-16T16:08:52.675Z",
    "dateUpdated": "2024-08-02T21:30:34.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48409 (GCVE-0-2023-48409)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:41 – Updated: 2024-08-02 21:30

Summary

In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.338Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:56.263Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48409",
    "datePublished": "2023-12-08T15:41:49.022Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-08-02T21:30:35.338Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21634 (GCVE-0-2023-21634)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:03 – Updated: 2024-08-02 09:44

Title

Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer

Summary

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.

Severity ?

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

qualcomm

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AQT1000 Affected: FastConnect 6200 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: QCA6310 Affected: QCA6320 Affected: QCA6391 Affected: QCA6420 Affected: QCA6426 Affected: QCA6430 Affected: QCA6436 Affected: QCA6574AU Affected: QCA6595AU Affected: QCA6696 Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SD835 Affected: SD855 Affected: SD865 5G Affected: Snapdragon 835 Mobile PC Platform Affected: Snapdragon 855 Mobile Platform Affected: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Affected: Snapdragon 870 5G Mobile Platform (SM8250-AC) Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon Wear 4100+ Platform Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: SW5100 Affected: SW5100P Affected: SXR2130 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9380 Affected: WCN3610 Affected: WCN3660B Affected: WCN3680B Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:44:02.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AQT1000"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "QCA6310"
            },
            {
              "status": "affected",
              "version": "QCA6320"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6420"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6430"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SD835"
            },
            {
              "status": "affected",
              "version": "SD855"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "Snapdragon 835 Mobile PC Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Wear 4100+ Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "SXR2130"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3610"
            },
            {
              "status": "affected",
              "version": "WCN3660B"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN3990"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:10:25.219Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-21634",
    "datePublished": "2023-12-05T03:03:43.564Z",
    "dateReserved": "2022-12-07T02:58:25.865Z",
    "dateUpdated": "2024-08-02T09:44:02.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48412 (GCVE-0-2023-48412)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:44 – Updated: 2024-12-02 17:05

Summary

In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:30:35.134Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-48412",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-12T20:40:46.990087Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T17:05:08.264Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "Android kernel"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak  due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-12T20:49:57.167Z",
        "orgId": "83238938-5644-45f0-9007-c0392bcf6222",
        "shortName": "Google_Devices"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/pixel/2023-12-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
    "assignerShortName": "Google_Devices",
    "cveId": "CVE-2023-48412",
    "datePublished": "2023-12-08T15:44:27.291Z",
    "dateReserved": "2023-11-16T16:09:59.939Z",
    "dateUpdated": "2024-12-02T17:05:08.264Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48420 (GCVE-0-2023-48420)

Vulnerability from cvelistv5 – Published: 2023-12-08 15:45 – Updated: 2024-08-28 15:23

Summary

there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Severity ?

No CVSS data available.

CWE

Elevation of privilege

Assigner

Google_Devices

References

URL

Tags

Impacted products

	Vendor	Product	Version
	Google	Android	Affected: Android kernel

Show details on NVD website