CVE-2023-21639
Buffer Copy Without Checking the Size of Input in Audio
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-12-07 CVE Reserved
- 2023-07-04 CVE Published
- 2024-08-02 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin | 2024-04-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Aqt1000 Firmware Search vendor "Qualcomm" for product "Aqt1000 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Aqt1000 Search vendor "Qualcomm" for product "Aqt1000" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Fastconnect 6200 Firmware Search vendor "Qualcomm" for product "Fastconnect 6200 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Fastconnect 6200 Search vendor "Qualcomm" for product "Fastconnect 6200" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca6420 Firmware Search vendor "Qualcomm" for product "Qca6420 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca6420 Search vendor "Qualcomm" for product "Qca6420" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qca6430 Firmware Search vendor "Qualcomm" for product "Qca6430 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca6430 Search vendor "Qualcomm" for product "Qca6430" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa4150p Firmware Search vendor "Qualcomm" for product "Sa4150p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa4150p Search vendor "Qualcomm" for product "Sa4150p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa4155p Firmware Search vendor "Qualcomm" for product "Sa4155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa4155p Search vendor "Qualcomm" for product "Sa4155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa6155p Firmware Search vendor "Qualcomm" for product "Sa6155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa6155p Search vendor "Qualcomm" for product "Sa6155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa8155p Firmware Search vendor "Qualcomm" for product "Sa8155p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa8155p Search vendor "Qualcomm" for product "Sa8155p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa8195p Firmware Search vendor "Qualcomm" for product "Sa8195p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa8195p Search vendor "Qualcomm" for product "Sa8195p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sd855 Firmware Search vendor "Qualcomm" for product "Sd855 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sd855 Search vendor "Qualcomm" for product "Sd855" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Snapdragon 855 Firmware Search vendor "Qualcomm" for product "Snapdragon 855 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Snapdragon 855 Search vendor "Qualcomm" for product "Snapdragon 855" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Snapdragon 855\+\/860 Firmware Search vendor "Qualcomm" for product "Snapdragon 855\+\/860 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Snapdragon 855\+\/860 Search vendor "Qualcomm" for product "Snapdragon 855\+\/860" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Snapdragon W5\+ Gen 1 Firmware Search vendor "Qualcomm" for product "Snapdragon W5\+ Gen 1 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Snapdragon W5\+ Gen 1 Search vendor "Qualcomm" for product "Snapdragon W5\+ Gen 1" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sw5100 Firmware Search vendor "Qualcomm" for product "Sw5100 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sw5100 Search vendor "Qualcomm" for product "Sw5100" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sw5100p Firmware Search vendor "Qualcomm" for product "Sw5100p Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sw5100p Search vendor "Qualcomm" for product "Sw5100p" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Wcd9341 Firmware Search vendor "Qualcomm" for product "Wcd9341 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Wcd9341 Search vendor "Qualcomm" for product "Wcd9341" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Wcn3980 Firmware Search vendor "Qualcomm" for product "Wcn3980 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Wcn3980 Search vendor "Qualcomm" for product "Wcn3980" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Wcn3988 Firmware Search vendor "Qualcomm" for product "Wcn3988 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Wcn3988 Search vendor "Qualcomm" for product "Wcn3988" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Wsa8810 Firmware Search vendor "Qualcomm" for product "Wsa8810 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Wsa8810 Search vendor "Qualcomm" for product "Wsa8810" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Wsa8815 Firmware Search vendor "Qualcomm" for product "Wsa8815 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Wsa8815 Search vendor "Qualcomm" for product "Wsa8815" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Wsa8830 Firmware Search vendor "Qualcomm" for product "Wsa8830 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Wsa8830 Search vendor "Qualcomm" for product "Wsa8830" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Wsa8835 Firmware Search vendor "Qualcomm" for product "Wsa8835 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Wsa8835 Search vendor "Qualcomm" for product "Wsa8835" | - | - |
Safe
|