CVE-2023-22384: Buffer Copy Without Checking Size of Input in VR Service
First published: Tue Oct 03 2023(Updated: )
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm QCA6574 Firmware | ||
| Qualcomm QCA6574AU | ||
| Qualcomm QCA6696 Firmware | ||
| Qualcomm QCA6696 Firmware | ||
| Qualcomm SA6145P Firmware | ||
| Qualcomm SA6145P Firmware | ||
| Qualcomm SA6150P Firmware | ||
| Qualcomm SA6150P Firmware | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155P | ||
| Qualcomm SA8145P | ||
| Qualcomm SA8145P Firmware | ||
| Qualcomm SA8150P Firmware | ||
| Qualcomm SA8150P Firmware | ||
| Qualcomm SA8155 | ||
| Qualcomm SA8155P Firmware | ||
| Qualcomm SA8195P | ||
| Qualcomm SA8195P Firmware | ||
| All of | ||
| Qualcomm QCA6574 Firmware | ||
| Qualcomm QCA6574AU | ||
| All of | ||
| Qualcomm QCA6696 Firmware | ||
| Qualcomm QCA6696 Firmware | ||
| All of | ||
| Qualcomm SA6145P Firmware | ||
| Qualcomm SA6145P Firmware | ||
| All of | ||
| Qualcomm SA6150P Firmware | ||
| Qualcomm SA6150P Firmware | ||
| All of | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155P | ||
| All of | ||
| Qualcomm SA8145P | ||
| Qualcomm SA8145P Firmware | ||
| All of | ||
| Qualcomm SA8150P Firmware | ||
| Qualcomm SA8150P Firmware | ||
| All of | ||
| Qualcomm SA8155 | ||
| Qualcomm SA8155P Firmware | ||
| All of | ||
| Qualcomm SA8195P | ||
| Qualcomm SA8195P Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-22384?
CVE-2023-22384 is a vulnerability that involves memory corruption in the VR Service while sending data using Fast Message Queue (FMQ).
Which software is affected by CVE-2023-22384?
Google Android with Qualcomm Qca6574au, Qualcomm Qca6696, Qualcomm Sa6145p, Qualcomm Sa6150p Firmware, Qualcomm Sa6155p Firmware, Qualcomm Sa8145p Firmware, Qualcomm Sa8150p Firmware, Qualcomm Sa8155p Firmware, and Qualcomm Sa8195p Firmware are affected by CVE-2023-22384.
How severe is CVE-2023-22384?
CVE-2023-22384 has a severity rating of 7.8 (high).
How can I fix CVE-2023-22384?
To fix CVE-2023-22384, you should apply the necessary security updates provided by Google and Qualcomm.
Where can I find more information about CVE-2023-22384?
You can find more information about CVE-2023-22384 on the Qualcomm Product Security Bulletin for October 2023.
- agent/type
- agent/references
- agent/title
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/last-modified-date
- agent/source
- agent/author
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/qualcomm
- canonical/qualcomm qca6574 firmware
- canonical/qualcomm qca6574au
- canonical/qualcomm qca6696 firmware
- canonical/qualcomm sa6145p firmware
- canonical/qualcomm sa6150p firmware
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8145p
- canonical/qualcomm sa8145p firmware
- canonical/qualcomm sa8150p firmware
- canonical/qualcomm sa8155
- canonical/qualcomm sa8155p firmware
- canonical/qualcomm sa8195p
- canonical/qualcomm sa8195p firmware