CVE-2023-21650
08.08.2023, 10:15
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.Enginsight
| Vendor | Product | Version |
|---|---|---|
| qualcomm | aqt1000_firmware | - |
| qualcomm | csrb31024_firmware | - |
| qualcomm | qam8295p_firmware | - |
| qualcomm | qca6390_firmware | - |
| qualcomm | qca6391_firmware | - |
| qualcomm | qca6420_firmware | - |
| qualcomm | qca6426_firmware | - |
| qualcomm | qca6430_firmware | - |
| qualcomm | qca6436_firmware | - |
| qualcomm | qca6564_firmware | - |
| qualcomm | qca6564au_firmware | - |
| qualcomm | qca6574a_firmware | - |
| qualcomm | qca6574au_firmware | - |
| qualcomm | qca6595au_firmware | - |
| qualcomm | qca6696_firmware | - |
| qualcomm | qcc5100_firmware | - |
| qualcomm | qcs410_firmware | - |
| qualcomm | qcs610_firmware | - |
| qualcomm | sa415m_firmware | - |
| qualcomm | sa6145p_firmware | - |
| qualcomm | sa6150p_firmware | - |
| qualcomm | sa6155p_firmware | - |
| qualcomm | sa8145p_firmware | - |
| qualcomm | sa8150p_firmware | - |
| qualcomm | sa8155p_firmware | - |
| qualcomm | sa8195p_firmware | - |
| qualcomm | sa8295p_firmware | - |
| qualcomm | sd855_firmware | - |
| qualcomm | sd865_5g_firmware | - |
| qualcomm | sd870_firmware | - |
| qualcomm | sda429w_firmware | - |
| qualcomm | sdx55m_firmware | - |
| qualcomm | sdxr2_5g_firmware | - |
| qualcomm | sw5100_firmware | - |
| qualcomm | sw5100p_firmware | - |
| qualcomm | wcd9341_firmware | - |
| qualcomm | wcd9370_firmware | - |
| qualcomm | wcd9380_firmware | - |
| qualcomm | wcn3610_firmware | - |
| qualcomm | wcn3660b_firmware | - |
| qualcomm | wcn3680b_firmware | - |
| qualcomm | wcn3950_firmware | - |
| qualcomm | wcn3980_firmware | - |
| qualcomm | wcn3988_firmware | - |
| qualcomm | wcn3998_firmware | - |
| qualcomm | wcn6850_firmware | - |
| qualcomm | wcn6851_firmware | - |
| qualcomm | wsa8810_firmware | - |
| qualcomm | wsa8815_firmware | - |
| qualcomm | wsa8830_firmware | - |
| qualcomm | wsa8835_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-129 - Improper Validation of Array IndexThe product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.