First published: Mon Nov 06 2023(Updated: )
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Android | ||
All of | ||
Qualcomm FastConnect 6700 Firmware | ||
Qualcomm Fastconnect 6700 | ||
All of | ||
Qualcomm FastConnect 6900 Firmware | ||
Qualcomm Fastconnect 6900 Firmware | ||
All of | ||
Qualcomm QCA6391 Firmware | ||
Qualcomm QCA6391 Firmware | ||
All of | ||
Qualcomm QCM6490 | ||
Qualcomm QCM6490 Firmware | ||
All of | ||
Qualcomm QCS6490 Firmware | ||
Qualcomm QCS6490 Firmware | ||
All of | ||
Qualcomm SM8350 Firmware | ||
Qualcomm QSM8350 Firmware | ||
All of | ||
Qualcomm Video Collaboration VC3 Platform Firmware | ||
Qualcomm Video Collaboration VC3 Platform | ||
All of | ||
Qualcomm Snapdragon 888 Firmware | ||
Qualcomm Snapdragon 888 Firmware | ||
All of | ||
Qualcomm SM7315 | ||
Qualcomm SM7315 Firmware | ||
All of | ||
Qualcomm SM7325P Firmware | ||
Qualcomm SM7325P Firmware | ||
All of | ||
Qualcomm Snapdragon 778G 5G Mobile Firmware | ||
Qualcomm Snapdragon 778G+ 5G | ||
All of | ||
Qualcomm Snapdragon 778G+ 5G Mobile Platform Firmware | ||
Qualcomm Snapdragon 778G+ 5G Mobile Platform | ||
All of | ||
Qualcomm Snapdragon 780G 5G Mobile Firmware | ||
Qualcomm Snapdragon 780G 5G Mobile Platform Firmware | ||
All of | ||
Qualcomm Snapdragon 782G Mobile Platform | ||
Qualcomm Snapdragon 782G Mobile Platform Firmware | ||
All of | ||
Qualcomm Snapdragon 7c+ Gen 3 Compute Firmware | ||
Qualcomm Snapdragon 7c+ Gen 3 Compute | ||
All of | ||
Qualcomm Snapdragon 888+ 5G Mobile Platform Firmware | ||
Qualcomm Snapdragon 888 5G Mobile | ||
All of | ||
Qualcomm Snapdragon 888+ 5G Mobile Platform Firmware | ||
Qualcomm Snapdragon 888+ 5G Mobile Platform | ||
All of | ||
Qualcomm WCD9370 Firmware | ||
Qualcomm WCD9370 Firmware | ||
All of | ||
Qualcomm WCD9375 | ||
Qualcomm WCD9375 Firmware | ||
All of | ||
Qualcomm WCD9380 | ||
Qualcomm WCD9380 Firmware | ||
All of | ||
Qualcomm WCD9385 | ||
Qualcomm WCD9385 Firmware | ||
All of | ||
Qualcomm WCN6740 Firmware | ||
Qualcomm WCN6740 Firmware | ||
All of | ||
Qualcomm WSA8830 | ||
Qualcomm WSA8830 | ||
All of | ||
Qualcomm WSA8835 | ||
Qualcomm WSA8835 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-21671 is a vulnerability that involves improper input validation in Core, resulting in memory corruption during the syscall for Sectools Fuse comparison feature.
The following software are affected by CVE-2023-21671: Qualcomm Fastconnect 6700 Firmware, Qualcomm Fastconnect 6900 Firmware, Google Android, Qualcomm QCA6391 Firmware, Qualcomm QCM6490 Firmware, Qualcomm QCS6490 Firmware, Qualcomm Qsm8350 Firmware, Qualcomm Qualcomm Video Collaboration VC3 Platform Firmware, Qualcomm Snapdragon 778g 5g Mobile Platform Firmware, Qualcomm Snapdragon 778g+ 5g Mobile Platform Firmware, Qualcomm Snapdragon 780g 5g Mobile Platform Firmware, Qualcomm Snapdragon 782g Mobile Platform Firmware, Qualcomm Snapdragon 7c+ Gen 3 Compute Firmware, Qualcomm Snapdragon 888 5g Mobile Platform Firmware, Qualcomm Snapdragon 888+ 5g Mobile Platform Firmware, Qualcomm Wcd9370 Firmware, Qualcomm Wcd9375 Firmware, Qualcomm Wcd9380 Firmware, Qualcomm Wcd9385 Firmware, Qualcomm Wcn6740 Firmware, Qualcomm Wsa8830 Firmware, Qualcomm Wsa8835 Firmware.
The severity of CVE-2023-21671 is critical with a severity value of 9.3.
CVE-2023-21671 can lead to memory corruption in the affected software, specifically during the syscall for the Sectools Fuse comparison feature.
To fix CVE-2023-21671, it is recommended to apply the necessary security updates provided by the software vendor. Please refer to the vendor's security bulletin for more information.