CVE-2023-21630
8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | FastConnect 6700 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 6900 | affected |
| Qualcomm, Inc. | Snapdragon | FastConnect 7800 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6391 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6574 | affected |
| Qualcomm, Inc. | Snapdragon | QCA6574A | affected |
| Qualcomm, Inc. | Snapdragon | QCA6574AU | affected |
| Qualcomm, Inc. | Snapdragon | QCA6595AU | affected |
| Qualcomm, Inc. | Snapdragon | QCA6696 | affected |
| Qualcomm, Inc. | Snapdragon | SA6155P | affected |
| Qualcomm, Inc. | Snapdragon | SA8155P | affected |
| Qualcomm, Inc. | Snapdragon | SA8195P | affected |
| Qualcomm, Inc. | Snapdragon | SD 8 Gen1 5G | affected |
| Qualcomm, Inc. | Snapdragon | SD778G | affected |
| Qualcomm, Inc. | Snapdragon | SD888 | affected |
| Qualcomm, Inc. | Snapdragon | SG4150P | affected |
| Qualcomm, Inc. | Snapdragon | SM7315 | affected |
| Qualcomm, Inc. | Snapdragon | SM7325P | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 680 4G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 685 4G Mobile Platform (SM6225-AD) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 778G 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 780G 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 782G Mobile Platform (SM7325-AF) | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 8 Gen 1 Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 888 5G Mobile Platform | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon 888+ 5G Mobile Platform (SM8350-AC) | affected |
| Qualcomm, Inc. | Snapdragon | SW5100 | affected |
| Qualcomm, Inc. | Snapdragon | SW5100P | affected |
| Qualcomm, Inc. | Snapdragon | WCD9370 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9375 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9380 | affected |
| Qualcomm, Inc. | Snapdragon | WCD9385 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3950 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3980 | affected |
| Qualcomm, Inc. | Snapdragon | WCN3988 | affected |
| Qualcomm, Inc. | Snapdragon | WCN6740 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8810 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8830 | affected |
| Qualcomm, Inc. | Snapdragon | WSA8835 | affected |
Weaknesses
- CWE-191: CWE-191 Integer Underflow (Wrap or Wraparound)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.