CVE-2023-21639: Buffer Copy Without Checking the Size of Input in Audio
First published: Tue Jul 04 2023(Updated: )
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Credit: product-security@qualcomm.com product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Qualcomm aqt1000 | ||
| Qualcomm aqt1000 firmware | ||
| All of | ||
| qualcomm fastconnect 6200 Firmware | ||
| qualcomm fastconnect 6200 | ||
| All of | ||
| Qualcomm qca6420 firmware | ||
| Qualcomm qca6420 | ||
| All of | ||
| Qualcomm qca6430 firmware | ||
| Qualcomm qca6430 | ||
| All of | ||
| qualcomm sa4150p Firmware | ||
| qualcomm sa4150p | ||
| All of | ||
| qualcomm sa4155p Firmware | ||
| qualcomm sa4155p | ||
| All of | ||
| Qualcomm Sa6155p Firmware | ||
| qualcomm SA6155P | ||
| All of | ||
| Qualcomm sa8155p firmware | ||
| Qualcomm sa8155p | ||
| All of | ||
| Qualcomm sa8195p firmware | ||
| Qualcomm sa8195p | ||
| All of | ||
| qualcomm sd855 firmware | ||
| qualcomm sd855 | ||
| All of | ||
| Qualcomm Snapdragon 855 Firmware | ||
| Qualcomm Snapdragon 855 | ||
| All of | ||
| Qualcomm Snapdragon 855\+\/860 Firmware | ||
| Qualcomm Snapdragon 855\+\/860 | ||
| All of | ||
| Qualcomm Snapdragon W5\+ Gen 1 Firmware | ||
| Qualcomm Snapdragon W5\+ Gen 1 | ||
| All of | ||
| qualcomm sw5100 firmware | ||
| qualcomm sw5100 | ||
| All of | ||
| qualcomm sw5100p firmware | ||
| qualcomm sw5100p | ||
| All of | ||
| qualcomm wcd9341 firmware | ||
| qualcomm wcd9341 | ||
| All of | ||
| qualcomm wcn3980 firmware | ||
| Qualcomm Wcn3980 | ||
| All of | ||
| qualcomm wcn3988 firmware | ||
| Qualcomm WCN3988 | ||
| All of | ||
| qualcomm wsa8810 firmware | ||
| qualcomm wsa8810 | ||
| All of | ||
| qualcomm wsa8815 firmware | ||
| qualcomm wsa8815 | ||
| All of | ||
| qualcomm wsa8830 firmware | ||
| qualcomm wsa8830 | ||
| All of | ||
| qualcomm wsa8835 firmware | ||
| qualcomm wsa8835 | ||
| Qualcomm aqt1000 firmware | ||
| Qualcomm aqt1000 | ||
| qualcomm fastconnect 6200 Firmware | ||
| qualcomm fastconnect 6200 | ||
| Qualcomm qca6420 firmware | ||
| Qualcomm qca6420 | ||
| Qualcomm qca6430 firmware | ||
| Qualcomm qca6430 | ||
| qualcomm sa4150p Firmware | ||
| qualcomm sa4150p | ||
| qualcomm sa4155p Firmware | ||
| qualcomm sa4155p | ||
| Qualcomm Sa6155p Firmware | ||
| qualcomm SA6155P | ||
| Qualcomm sa8155p firmware | ||
| Qualcomm sa8155p | ||
| Qualcomm sa8195p firmware | ||
| Qualcomm sa8195p | ||
| qualcomm sd855 firmware | ||
| qualcomm sd855 | ||
| Qualcomm Snapdragon 855 Firmware | ||
| Qualcomm Snapdragon 855 | ||
| Qualcomm Snapdragon 855\+\/860 Firmware | ||
| Qualcomm Snapdragon 855\+\/860 | ||
| Qualcomm Snapdragon W5\+ Gen 1 Firmware | ||
| Qualcomm Snapdragon W5\+ Gen 1 | ||
| qualcomm sw5100 firmware | ||
| qualcomm sw5100 | ||
| qualcomm sw5100p firmware | ||
| qualcomm sw5100p | ||
| qualcomm wcd9341 firmware | ||
| qualcomm wcd9341 | ||
| qualcomm wcn3980 firmware | ||
| Qualcomm Wcn3980 | ||
| qualcomm wcn3988 firmware | ||
| Qualcomm WCN3988 | ||
| qualcomm wsa8810 firmware | ||
| qualcomm wsa8810 | ||
| qualcomm wsa8815 firmware | ||
| qualcomm wsa8815 | ||
| qualcomm wsa8830 firmware | ||
| qualcomm wsa8830 | ||
| qualcomm wsa8835 firmware | ||
| qualcomm wsa8835 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-21639?
CVE-2023-21639 is a vulnerability that causes memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
Which software is affected by CVE-2023-21639?
Google Android, Qualcomm Fastconnect 6200 Firmware, Qualcomm Qca6420 Firmware, Qualcomm Qca6430 Firmware, Qualcomm Sa4150p Firmware, Qualcomm Sa8195p Firmware, Qualcomm Snapdragon 855 Firmware, Qualcomm Snapdragon 855+\/860 Firmware, Qualcomm Snapdragon W5+ Gen 1 Firmware, Qualcomm Wcd9341 Firmware.
What is the severity of CVE-2023-21639?
CVE-2023-21639 has a severity rating of 7.8 (high).
How can I fix CVE-2023-21639?
To fix CVE-2023-21639, it is recommended to apply the security patches provided by the vendor.
Where can I find more information about CVE-2023-21639?
You can find more information about CVE-2023-21639 at the following link: [link](https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin).
- agent/type
- agent/severity
- agent/references
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/qualcomm
- canonical/qualcomm aqt1000
- canonical/qualcomm aqt1000 firmware
- canonical/qualcomm fastconnect 6200 firmware
- canonical/qualcomm fastconnect 6200
- canonical/qualcomm qca6420 firmware
- canonical/qualcomm qca6420
- canonical/qualcomm qca6430 firmware
- canonical/qualcomm qca6430
- canonical/qualcomm sa4150p firmware
- canonical/qualcomm sa4150p
- canonical/qualcomm sa4155p firmware
- canonical/qualcomm sa4155p
- canonical/qualcomm sa6155p firmware
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8155p firmware
- canonical/qualcomm sa8155p
- canonical/qualcomm sa8195p firmware
- canonical/qualcomm sa8195p
- canonical/qualcomm sd855 firmware
- canonical/qualcomm sd855
- canonical/qualcomm snapdragon 855 firmware
- canonical/qualcomm snapdragon 855
- canonical/qualcomm snapdragon 855\+\/860 firmware
- canonical/qualcomm snapdragon 855\+\/860
- canonical/qualcomm snapdragon w5\+ gen 1 firmware
- canonical/qualcomm snapdragon w5\+ gen 1
- canonical/qualcomm sw5100 firmware
- canonical/qualcomm sw5100
- canonical/qualcomm sw5100p firmware
- canonical/qualcomm sw5100p
- canonical/qualcomm wcd9341 firmware
- canonical/qualcomm wcd9341
- canonical/qualcomm wcn3980 firmware
- canonical/qualcomm wcn3980
- canonical/qualcomm wcn3988 firmware
- canonical/qualcomm wcn3988
- canonical/qualcomm wsa8810 firmware
- canonical/qualcomm wsa8810
- canonical/qualcomm wsa8815 firmware
- canonical/qualcomm wsa8815
- canonical/qualcomm wsa8830 firmware
- canonical/qualcomm wsa8830
- canonical/qualcomm wsa8835 firmware
- canonical/qualcomm wsa8835