CVE-2023-43525

Summary

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8035affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQAM8255Paffected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQAM8650Paffected
Qualcomm, Inc.SnapdragonQAM8775Paffected
Qualcomm, Inc.SnapdragonQAMSRV1Haffected
Qualcomm, Inc.SnapdragonQAMSRV1Maffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6584AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA8081affected
Qualcomm, Inc.SnapdragonQCA8337affected
Qualcomm, Inc.SnapdragonQCC710affected
Qualcomm, Inc.SnapdragonQCN6224affected
Qualcomm, Inc.SnapdragonQCN6274affected
Qualcomm, Inc.SnapdragonQFW7114affected
Qualcomm, Inc.SnapdragonQFW7124affected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA7255Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSA8255Paffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSA8620Paffected
Qualcomm, Inc.SnapdragonSA8650Paffected
Qualcomm, Inc.SnapdragonSA8770Paffected
Qualcomm, Inc.SnapdragonSA8775Paffected
Qualcomm, Inc.SnapdragonSA9000Paffected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RF Gen 2affected
Qualcomm, Inc.SnapdragonSnapdragon X72 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon X75 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSRV1Haffected
Qualcomm, Inc.SnapdragonSRV1Maffected
Qualcomm, Inc.SnapdragonWCD9340affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References