CVE-2023-21642

Summary

Memory corruption in HAB Memory management due to broad system privileges via physical address.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSA8540Paffected
Qualcomm, Inc.SnapdragonSA9000Paffected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References