CVE-2023-21671: Improper Input Validation in Core
First published: Mon Nov 06 2023(Updated: )
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| qualcomm fastconnect 6700 Firmware | ||
| qualcomm fastconnect 6700 | ||
| All of | ||
| qualcomm fastconnect 6900 Firmware | ||
| qualcomm fastconnect 6900 | ||
| All of | ||
| qualcomm qca6391 firmware | ||
| qualcomm qca6391 | ||
| All of | ||
| Qualcomm qcm6490 firmware | ||
| Qualcomm qcm6490 | ||
| All of | ||
| Qualcomm qcs6490 firmware | ||
| Qualcomm qcs6490 | ||
| All of | ||
| qualcomm qsm8350 firmware | ||
| qualcomm qsm8350 | ||
| All of | ||
| qualcomm qualcomm video collaboration vc3 platform firmware | ||
| qualcomm qualcomm video collaboration vc3 platform | ||
| All of | ||
| Qualcomm sd888 firmware | ||
| Qualcomm sd888 | ||
| All of | ||
| qualcomm sm7315 firmware | ||
| qualcomm sm7315 | ||
| All of | ||
| qualcomm sm7325p firmware | ||
| qualcomm sm7325p | ||
| All of | ||
| qualcomm snapdragon 778g 5g mobile platform firmware | ||
| qualcomm snapdragon 778g 5g mobile platform | ||
| All of | ||
| qualcomm snapdragon 778g\+ 5g mobile platform firmware | ||
| qualcomm snapdragon 778g\+ 5g mobile platform | ||
| All of | ||
| qualcomm snapdragon 780g 5g mobile platform firmware | ||
| qualcomm snapdragon 780g 5g mobile platform | ||
| All of | ||
| qualcomm snapdragon 782g mobile platform firmware | ||
| qualcomm snapdragon 782g mobile platform | ||
| All of | ||
| qualcomm snapdragon 7c\+ gen 3 compute firmware | ||
| qualcomm snapdragon 7c\+ gen 3 compute | ||
| All of | ||
| qualcomm snapdragon 888 5g mobile platform firmware | ||
| qualcomm snapdragon 888 5g mobile platform | ||
| All of | ||
| qualcomm snapdragon 888\+ 5g mobile platform firmware | ||
| qualcomm snapdragon 888\+ 5g mobile platform | ||
| All of | ||
| Qualcomm wcd9370 firmware | ||
| Qualcomm wcd9370 | ||
| All of | ||
| Qualcomm wcd9375 firmware | ||
| Qualcomm wcd9375 | ||
| All of | ||
| qualcomm wcd9380 firmware | ||
| qualcomm wcd9380 | ||
| All of | ||
| qualcomm wcd9385 firmware | ||
| qualcomm wcd9385 | ||
| All of | ||
| Qualcomm wcn6740 firmware | ||
| qualcomm wcn6740 | ||
| All of | ||
| qualcomm wsa8830 firmware | ||
| qualcomm wsa8830 | ||
| All of | ||
| qualcomm wsa8835 firmware | ||
| qualcomm wsa8835 | ||
| Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-21671?
CVE-2023-21671 is a vulnerability that involves improper input validation in Core, resulting in memory corruption during the syscall for Sectools Fuse comparison feature.
Which software are affected by CVE-2023-21671?
The following software are affected by CVE-2023-21671: Qualcomm Fastconnect 6700 Firmware, Qualcomm Fastconnect 6900 Firmware, Google Android, Qualcomm QCA6391 Firmware, Qualcomm QCM6490 Firmware, Qualcomm QCS6490 Firmware, Qualcomm Qsm8350 Firmware, Qualcomm Qualcomm Video Collaboration VC3 Platform Firmware, Qualcomm Snapdragon 778g 5g Mobile Platform Firmware, Qualcomm Snapdragon 778g+ 5g Mobile Platform Firmware, Qualcomm Snapdragon 780g 5g Mobile Platform Firmware, Qualcomm Snapdragon 782g Mobile Platform Firmware, Qualcomm Snapdragon 7c+ Gen 3 Compute Firmware, Qualcomm Snapdragon 888 5g Mobile Platform Firmware, Qualcomm Snapdragon 888+ 5g Mobile Platform Firmware, Qualcomm Wcd9370 Firmware, Qualcomm Wcd9375 Firmware, Qualcomm Wcd9380 Firmware, Qualcomm Wcd9385 Firmware, Qualcomm Wcn6740 Firmware, Qualcomm Wsa8830 Firmware, Qualcomm Wsa8835 Firmware.
What is the severity of CVE-2023-21671?
The severity of CVE-2023-21671 is critical with a severity value of 9.3.
How does CVE-2023-21671 impact the affected software?
CVE-2023-21671 can lead to memory corruption in the affected software, specifically during the syscall for the Sectools Fuse comparison feature.
How can I fix CVE-2023-21671?
To fix CVE-2023-21671, it is recommended to apply the necessary security updates provided by the software vendor. Please refer to the vendor's security bulletin for more information.
- agent/type
- agent/author
- agent/references
- agent/severity
- agent/title
- agent/description
- agent/first-publish-date
- agent/weakness
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- vendor/qualcomm
- canonical/qualcomm fastconnect 6700 firmware
- canonical/qualcomm fastconnect 6700
- canonical/qualcomm fastconnect 6900 firmware
- canonical/qualcomm fastconnect 6900
- canonical/qualcomm qca6391 firmware
- canonical/qualcomm qca6391
- canonical/qualcomm qcm6490 firmware
- canonical/qualcomm qcm6490
- canonical/qualcomm qcs6490 firmware
- canonical/qualcomm qcs6490
- canonical/qualcomm qsm8350 firmware
- canonical/qualcomm qsm8350
- canonical/qualcomm qualcomm video collaboration vc3 platform firmware
- canonical/qualcomm qualcomm video collaboration vc3 platform
- canonical/qualcomm sd888 firmware
- canonical/qualcomm sd888
- canonical/qualcomm sm7315 firmware
- canonical/qualcomm sm7315
- canonical/qualcomm sm7325p firmware
- canonical/qualcomm sm7325p
- canonical/qualcomm snapdragon 778g 5g mobile platform firmware
- canonical/qualcomm snapdragon 778g 5g mobile platform
- canonical/qualcomm snapdragon 778g\+ 5g mobile platform firmware
- canonical/qualcomm snapdragon 778g\+ 5g mobile platform
- canonical/qualcomm snapdragon 780g 5g mobile platform firmware
- canonical/qualcomm snapdragon 780g 5g mobile platform
- canonical/qualcomm snapdragon 782g mobile platform firmware
- canonical/qualcomm snapdragon 782g mobile platform
- canonical/qualcomm snapdragon 7c\+ gen 3 compute firmware
- canonical/qualcomm snapdragon 7c\+ gen 3 compute
- canonical/qualcomm snapdragon 888 5g mobile platform firmware
- canonical/qualcomm snapdragon 888 5g mobile platform
- canonical/qualcomm snapdragon 888\+ 5g mobile platform firmware
- canonical/qualcomm snapdragon 888\+ 5g mobile platform
- canonical/qualcomm wcd9370 firmware
- canonical/qualcomm wcd9370
- canonical/qualcomm wcd9375 firmware
- canonical/qualcomm wcd9375
- canonical/qualcomm wcd9380 firmware
- canonical/qualcomm wcd9380
- canonical/qualcomm wcd9385 firmware
- canonical/qualcomm wcd9385
- canonical/qualcomm wcn6740 firmware
- canonical/qualcomm wcn6740
- canonical/qualcomm wsa8830 firmware
- canonical/qualcomm wsa8830
- canonical/qualcomm wsa8835 firmware
- canonical/qualcomm wsa8835
- vendor/google
- canonical/android