CVE-2023-43556

Summary

Memory corruption in Hypervisor when platform information mentioned is not aligned.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8035affected
Qualcomm, Inc.SnapdragonFastConnect 6700affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonFlight RB5 5G Platformaffected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595affected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA8081affected
Qualcomm, Inc.SnapdragonQCA8337affected
Qualcomm, Inc.SnapdragonQCM4490affected
Qualcomm, Inc.SnapdragonQCM5430affected
Qualcomm, Inc.SnapdragonQCM6490affected
Qualcomm, Inc.SnapdragonQCN6024affected
Qualcomm, Inc.SnapdragonQCN9011affected
Qualcomm, Inc.SnapdragonQCN9012affected
Qualcomm, Inc.SnapdragonQCN9024affected
Qualcomm, Inc.SnapdragonQCS4490affected
Qualcomm, Inc.SnapdragonQCS5430affected
Qualcomm, Inc.SnapdragonQCS6490affected
Qualcomm, Inc.SnapdragonQCS7230affected
Qualcomm, Inc.SnapdragonQCS8250affected
Qualcomm, Inc.SnapdragonQRB5165Maffected
Qualcomm, Inc.SnapdragonQRB5165Naffected
Qualcomm, Inc.SnapdragonQSM8350affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC3 Platformaffected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC5 Platformaffected
Qualcomm, Inc.SnapdragonRobotics RB5 Platformaffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSA8540Paffected
Qualcomm, Inc.SnapdragonSA9000Paffected
Qualcomm, Inc.SnapdragonSD888affected
Qualcomm, Inc.SnapdragonSDX57Maffected
Qualcomm, Inc.SnapdragonSM7315affected
Qualcomm, Inc.SnapdragonSM7325Paffected
Qualcomm, Inc.SnapdragonSnapdragon 4 Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 778G 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 778G+ 5G Mobile Platform (SM7325-AE)affected
Qualcomm, Inc.SnapdragonSnapdragon 780G 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 782G Mobile Platform (SM7325-AF)affected
Qualcomm, Inc.SnapdragonSnapdragon 7c+ Gen 3 Computeaffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8+ Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 888 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 888+ 5G Mobile Platform (SM8350-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)affected
Qualcomm, Inc.SnapdragonSnapdragon AR2 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X65 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon X70 Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSSG2115Paffected
Qualcomm, Inc.SnapdragonSSG2125Paffected
Qualcomm, Inc.SnapdragonSXR1230Paffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN6740affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References