CVE-2023-43514

Summary

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8035affected
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6700affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonFlight RB5 5G Platformaffected
Qualcomm, Inc.SnapdragonQAM8255Paffected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQAM8650Paffected
Qualcomm, Inc.SnapdragonQAM8775Paffected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6574affected
Qualcomm, Inc.SnapdragonQCA6574Aaffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595affected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA6797AQaffected
Qualcomm, Inc.SnapdragonQCA8081affected
Qualcomm, Inc.SnapdragonQCA8337affected
Qualcomm, Inc.SnapdragonQCC710affected
Qualcomm, Inc.SnapdragonQCM4325affected
Qualcomm, Inc.SnapdragonQCM6490affected
Qualcomm, Inc.SnapdragonQCM8550affected
Qualcomm, Inc.SnapdragonQCN6224affected
Qualcomm, Inc.SnapdragonQCN6274affected
Qualcomm, Inc.SnapdragonQCS6490affected
Qualcomm, Inc.SnapdragonQCS7230affected
Qualcomm, Inc.SnapdragonQCS8250affected
Qualcomm, Inc.SnapdragonQCS8550affected
Qualcomm, Inc.SnapdragonQDU1000affected
Qualcomm, Inc.SnapdragonQDU1010affected
Qualcomm, Inc.SnapdragonQDU1110affected
Qualcomm, Inc.SnapdragonQDU1210affected
Qualcomm, Inc.SnapdragonQDX1010affected
Qualcomm, Inc.SnapdragonQDX1011affected
Qualcomm, Inc.SnapdragonQFW7114affected
Qualcomm, Inc.SnapdragonQFW7124affected
Qualcomm, Inc.SnapdragonQRB5165Naffected
Qualcomm, Inc.SnapdragonQRU1032affected
Qualcomm, Inc.SnapdragonQRU1052affected
Qualcomm, Inc.SnapdragonQRU1062affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC3 Platformaffected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC5 Platformaffected
Qualcomm, Inc.SnapdragonRobotics RB5 Platformaffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSA8255Paffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSG4150Paffected
Qualcomm, Inc.SnapdragonSG8275Paffected
Qualcomm, Inc.SnapdragonSM8550Paffected
Qualcomm, Inc.SnapdragonSnapdragon 4 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480+ 5G Mobile Platform (SM4350-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 680 4G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 685 4G Mobile Platform (SM6225-AD)affected
Qualcomm, Inc.SnapdragonSnapdragon 695 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8+ Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon W5+ Gen 1 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X75 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSW5100affected
Qualcomm, Inc.SnapdragonSW5100Paffected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCD9390affected
Qualcomm, Inc.SnapdragonWCD9395affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References