December 2023 Security Bulletin
Published: 12/04/2023
This security bulletin is intended to help Qualcomm Technologies, Inc. (QTI) customers incorporate security updates in launched or upcoming devices. This document includes (i) a description of security issues that have been addressed in QTI’s proprietary code and (ii) links to publicly available code where security issues have been addressed.
Please reach out to [email protected] for any questions related to this bulletin.
Table of Contents
| Announcements |
| Acknowledgements |
| Proprietary Software Issues |
| Open Source Software Issues |
| Industry Coordination |
Announcements
None
Acknowledgements
We would like to thank these researchers for their contributions in reporting these issues to us.
| CVE-2023-28551 | Conghui Wang (conghuiwang) |
| CVE-2023-33042,CVE-2023-33043,CVE-2023-33044 | Matheus Eduardo Garbelini |
| CVE-2023-33054 | Aapo Oksman |
| CVE-2023-33063 | luckyrb |
| CVE-2023-33070,CVE-2023-33071 | NIO SC Threat Control&Risk Team Dipper P |
| CVE-2023-33079 | Conghui Wang |
| CVE-2023-33092 | Lei Ai(艾磊) and Xianfeng Lu(卢先锋) of OPPO Amber Security Lab |
| CVE-2023-33106,CVE-2023-21634,CVE-2023-22383 | Reported to us through Google Android Security team; please see bulletins at https://source.android.com/security/overview/acknowledgements/ for individual credit information. For issues rated medium or lower, the individual credit information may appear in a future Android major release bulletin. |
| CVE-2023-33107 | Benoît Sevens of Google's Threat Analysis Group and Jann Horn of Google Project Zero |
| CVE-2023-22668 | heidada |
| CVE-2023-28579,CVE-2023-28580,CVE-2023-33024 | Zinuo Han(https://twitter.com/ele7enxxh) of OPPO Amber Security Lab |
| CVE-2023-33041 | None, Found internally Prior to report. |
Proprietary Software Issues
The tables below summarize security vulnerabilities that were addressed through proprietary software
This table lists high impact security vulnerabilities. Patches are being actively shared with OEMs, who have been notified and strongly recommended to deploy those patches on released devices as soon as possible. Please contact the device manufacturer for information on the patching status of released devices.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
|---|---|---|---|---|
| CVE-2023-33082 | Critical | Critical | WIN WLAN Host | Internal |
| CVE-2023-33083 | Critical | Critical | WIN WLAN Host | Internal |
| CVE-2023-28546 | High | High | SPS-Applications | Internal |
| CVE-2023-28550 | High | High | Modem Power Performance | Internal |
| CVE-2023-28551 | High | High | UTILS | 12/12/2022 |
| CVE-2023-28585 | High | High | TZ Secure OS | Internal |
| CVE-2023-28586 | High | Medium | TZ Secure OS | Internal |
| CVE-2023-28587 | High | High | BT Controller | Internal |
| CVE-2023-33017 | High | High | Boot | Internal |
| CVE-2023-33018 | High | High | User Identity Module | Internal |
| CVE-2023-33022 | High | High | HLOS | Internal |
| CVE-2023-33042 | High | High | Modem | 05/11/2023 |
| CVE-2023-33043 | High | High | Modem | 04/20/2023 |
| CVE-2023-33044 | High | High | Data Modem | 04/20/2023 |
| CVE-2023-33054 | High | Critical | GPS HLOS Driver | 03/18/2023 |
| CVE-2023-33080 | High | High | WLAN Firmware | Internal |
| CVE-2023-33081 | High | High | WLAN Firmware | Internal |
| CVE-2023-33088 | High | High | WLAN Firmware | Internal |
| CVE-2023-33089 | High | High | WLAN Firmware | Internal |
| CVE-2023-33097 | High | High | WLAN Firmware | Internal |
| CVE-2023-33098 | High | High | WLAN Firmware | Internal |
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
|---|---|---|---|---|
| CVE-2023-21634 | Medium | Medium | Radio Interface Layer | 08/10/2022 |
| CVE-2023-33024 | Medium | Medium | Radio Interface Layer | 01/20/2023 |
| CVE-2023-33041 | Medium | High | WLAN Firmware | 03/30/2023 |
CVE-2023-33082
| CVE ID | CVE-2023-33082 |
| Title | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Host |
| Description | Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. |
| Technology Area | WIN WLAN Host |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Remote |
| Security Rating | Critical |
| CVSS Rating | Critical |
| CVSS Score | 9.8 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AR8035, AR9380, CSR8811, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, PMP8074, QCA0000, QCA4024, QCA6391, QCA7500, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9985, QCA9986, QCA9988, QCA9990, QCA9992, QCA9994, QCC710, QCF8000, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5502, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN9000, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QFW7114, QFW7124, QRB5165M, QRB5165N, Robotics RB5 Platform, SDX55, SDX65M, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, WCD9340, WCD9380, WCD9385, WCN3980 |
CVE-2023-33083
| CVE ID | CVE-2023-33083 |
| Title | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Host |
| Description | Memory corruption in WLAN Host while processing RRM beacon on the AP. |
| Technology Area | WIN WLAN Host |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Remote |
| Security Rating | Critical |
| CVSS Rating | Critical |
| CVSS Score | 9.8 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AR8035, AR9380, CSR8811, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9570, IPQ9574, PMP8074, QCA0000, QCA4024, QCA6391, QCA7500, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9985, QCA9986, QCA9988, QCA9990, QCA9992, QCA9994, QCC710, QCF8000, QCF8001, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5502, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN9000, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QFW7114, QFW7124, QRB5165M, QRB5165N, Robotics RB5 Platform, SDX55, SDX65M, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, WCD9340, WCD9380, WCD9385, WCN3980 |
CVE-2023-28546
| CVE ID | CVE-2023-28546 |
| Title | Buffer Copy Without Checking Size of Input in SPS Applications |
| Description | Memory Corruption in SPS Application while exporting public key in sorter TA. |
| Technology Area | SPS-Applications |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | 315 5G IoT Modem, 9205 LTE Modem, APQ8017, APQ8037, APQ8064AU, AQT1000, AR8031, AR8035, C-V2X 9150, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Home Hub 100 Platform, MDM9205S, MDM9640, MDM9650, MSM8996AU, PM8937, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA4004, QCA6174A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCA9379, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN7606, QCN9011, QCN9012, QCN9024, QCN9074, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8155, QCS8250, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, QSM8250, QSM8350, QTS110, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 455, SD 675, SD 8 Gen1 5G, SD460, SD626, SD660, SD662, SD670, SD675, SD730, SD820, SD821, SD835, SD855, SD865 5G, SD888, SDM429W, SDX55, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 427 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 430 Mobile Platform, Snapdragon 435 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 450 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 625 Mobile Platform, Snapdragon 626 Mobile Platform, Snapdragon 630 Mobile Platform, Snapdragon 632 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 820 Mobile Platform, Snapdragon 821 Mobile Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-28550
| CVE ID | CVE-2023-28550 |
| Title | Improper Restriction of Operations within the Bounds of a Memory Buffer in MPP Performance |
| Description | Memory corruption in MPP performance while accessing DSM watermark using external memory address. |
| Technology Area | Modem Power Performance |
| Vulnerability Type | CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/05/01 |
| Affected Chipsets* | 315 5G IoT Modem, 9205 LTE Modem, 9206 LTE Modem, 9207 LTE Modem, APQ8017, APQ8037, AQT1000, AR8031, AR8035, C-V2X 9150, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, FSM10055, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, IPQ5010, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8207, MDM9205S, MDM9230, MDM9250, MDM9330, MDM9628, MDM9630, MDM9640, MSM8108, MSM8209, MSM8608, MSM8909W, MSM8996AU, PMP8074, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA2062, QCA2064, QCA2065, QCA2066, QCA4004, QCA4024, QCA6174, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9888, QCA9889, QCA9984, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6224, QCN6274, QCN7605, QCN7606, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRU1032, QRU1052, QRU1062, QSM8350, QTS110, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 455, SD 675, SD 8 Gen1 5G, SD 8CX, SD460, SD626, SD660, SD662, SD670, SD675, SD730, SD820, SD835, SD855, SD865 5G, SD888, SDM429W, SDX55, SDX57M, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 1100 Wearable Platform, Snapdragon 1200 Wearable Platform, Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 430 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 630 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 850 Mobile Compute Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon Wear 2100 Platform, Snapdragon Wear 2500 Platform, Snapdragon Wear 3100 Platform, Snapdragon Wear 4100+ Platform, Snapdragon X12 LTE Modem, Snapdragon X20 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X5 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SW5100, SW5100P, SXR1120, SXR2130, SXR2230P, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-28551
| CVE ID | CVE-2023-28551 |
| Title | Improper Restriction of Operations within the Bounds of a Memory Buffer in UTILS |
| Description | Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. |
| Technology Area | UTILS |
| Vulnerability Type | CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/12/12 |
| Customer Notified Date | 2023/05/01 |
| Affected Chipsets* | 315 5G IoT Modem, 9205 LTE Modem, 9206 LTE Modem, 9207 LTE Modem, APQ8017, APQ8037, AQT1000, AR8035, C-V2X 9150, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, FSM10055, MDM8207, MDM9205S, MDM9250, MDM9628, MDM9640, MSM8108, MSM8209, MSM8608, MSM8909W, MSM8996AU, QCA4004, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCA9367, QCA9377, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN9024, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRU1032, QRU1052, QRU1062, QTS110, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SC8180X+SDX55, SD 455, SD 675, SD460, SD626, SD660, SD662, SD670, SD675, SD730, SD820, SD835, SD855, SD865 5G, SD888, SDM429W, SDX55, SDX57M, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 1100 Wearable Platform, Snapdragon 1200 Wearable Platform, Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 430 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 630 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon Wear 2100 Platform, Snapdragon Wear 2500 Platform, Snapdragon Wear 3100 Platform, Snapdragon Wear 4100+ Platform, Snapdragon X12 LTE Modem, Snapdragon X20 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X5 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon Auto 4G Modem, SW5100, SW5100P, SXR1120, SXR2130, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-28585
| CVE ID | CVE-2023-28585 |
| Title | Integer Overflow to Buffer Overflow in TZ Secure OS |
| Description | Memory corruption while loading an ELF segment in TEE Kernel. |
| Technology Area | TZ Secure OS |
| Vulnerability Type | CWE-680 Integer Overflow to Buffer Overflow |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.2 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | 315 5G IoT Modem, 9205 LTE Modem, AQT1000, AR8031, AR8035, C-V2X 9150, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, FSM10056, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5332, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ9008, IPQ9554, IPQ9570, IPQ9574, MDM9205S, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA0000, QCA4004, QCA4024, QCA6174A, QCA6310, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9377, QCA9984, QCC710, QCF8000, QCF8001, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN5021, QCN5022, QCN5052, QCN5121, QCN5122, QCN5152, QCN6023, QCN6024, QCN6224, QCN6274, QCN7606, QCN9000, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9274, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8155, QCS8250, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, QSM8250, QSM8350, QTS110, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 675, SD 8 Gen1 5G, SD 8CX, SD460, SD662, SD670, SD675, SD730, SD855, SD865 5G, SD888, SDX55, SDX57M, SDX65M, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 845 Mobile Platform, Snapdragon 850 Mobile Compute Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon X24 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-28586
| CVE ID | CVE-2023-28586 |
| Title | Improper Restriction of Operation within the Bounds of a Memory Buffer in TZ Secure OS |
| Description | Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. |
| Technology Area | TZ Secure OS |
| Vulnerability Type | CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | Medium |
| CVSS Score | 6.0 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | 315 5G IoT Modem, 9205 LTE Modem, AQT1000, AR8031, AR8035, C-V2X 9150, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, FSM10056, Home Hub 100 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5332, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ9008, IPQ9554, IPQ9570, IPQ9574, MDM9205S, MDM9250, MDM9628, MDM9640, MDM9650, MSM8108, MSM8209, MSM8608, MSM8996AU, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA0000, QCA4004, QCA4024, QCA6174A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9367, QCA9377, QCA9379, QCA9984, QCC710, QCF8000, QCF8001, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN5021, QCN5022, QCN5052, QCN5121, QCN5122, QCN5152, QCN6023, QCN6024, QCN6224, QCN6274, QCN7605, QCN7606, QCN9000, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9274, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8155, QCS8250, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, QSM8250, QSM8350, QTS110, Qualcomm 205 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 675, SD 8 Gen1 5G, SD 8CX, SD460, SD662, SD670, SD675, SD730, SD820, SD821, SD835, SD855, SD865 5G, SD888, SDX55, SDX57M, SDX65M, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 820 Mobile Platform, Snapdragon 821 Mobile Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 850 Mobile Compute Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon X12 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-28587
| CVE ID | CVE-2023-28587 |
| Title | Improper Restriction of Operations within the Bounds of a Memory Buffer in BT Controller |
| Description | Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. |
| Technology Area | BT Controller |
| Vulnerability Type | CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | 315 5G IoT Modem, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA2062, QCA2064, QCA2065, QCA2066, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC2073, QCC2076, QCC710, QCC711, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN7605, QCN7606, QCN9024, QCN9074, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS8550, QFW7114, QFW7124, QSM8350, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 8 Gen1 5G, SD660, SD855, SD865 5G, SD888, SDX55, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33017
| CVE ID | CVE-2023-33017 |
| Title | Buffer Copy Without Checking Size of Input in Boot |
| Description | Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Technology Area | Boot |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | 315 5G IoT Modem, 9205 LTE Modem, 9206 LTE Modem, 9207 LTE Modem, AQT1000, AR8031, AR8035, C-V2X 9150, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, FSM10056, Home Hub 100 Platform, MDM8207, MDM9205S, MDM9250, MDM9628, MDM9650, MSM8108, MSM8209, MSM8608, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA4004, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCA9367, QCA9377, QCA9379, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN7606, QCN9011, QCN9012, QCN9024, QCN9074, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8155, QCS8250, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, QSM8250, QSM8350, QTS110, Qualcomm 205 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 675, SD 8 Gen1 5G, SD460, SD662, SD670, SD675, SD730, SD835, SD855, SD865 5G, SD888, SDX55, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Snapdragon 1100 Wearable Platform, Snapdragon 1200 Wearable Platform, Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon X12 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X5 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33018
| CVE ID | CVE-2023-33018 |
| Title | Integer Overflow to Buffer Overflow in User Identity Module |
| Description | memory corruption while using the UIM diag command to get the operator’s name. |
| Technology Area | User Identity Module |
| Vulnerability Type | CWE-680 Integer Overflow to Buffer Overflow |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | 315 5G IoT Modem, 9205 LTE Modem, 9206 LTE Modem, 9207 LTE Modem, APQ8017, APQ8037, AQT1000, AR6003, AR8035, C-V2X 9150, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, MDM8207, MDM8215, MDM8215M, MDM8615M, MDM9205S, MDM9215, MDM9250, MDM9310, MDM9615, MDM9615M, MDM9628, MDM9640, MSM8108, MSM8209, MSM8608, MSM8909W, MSM8996AU, QCA4004, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCA9367, QCA9377, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN9024, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS8550, QFW7114, QFW7124, QTS110, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SD 455, SD 675, SD460, SD626, SD660, SD662, SD670, SD675, SD730, SD820, SD835, SD855, SD865 5G, SD888, SDM429W, SDX55, SDX57M, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 1100 Wearable Platform, Snapdragon 1200 Wearable Platform, Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 430 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 630 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon Wear 2100 Platform, Snapdragon Wear 2500 Platform, Snapdragon Wear 3100 Platform, Snapdragon Wear 4100+ Platform, Snapdragon X12 LTE Modem, Snapdragon X20 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X5 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon Auto 4G Modem, SW5100, SW5100P, SXR1120, SXR2130, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33022
| CVE ID | CVE-2023-33022 |
| Title | Integer Overflow to Buffer Overflow in HLOS |
| Description | Memory corruption in HLOS while invoking IOCTL calls from user-space. |
| Technology Area | HLOS |
| Vulnerability Type | CWE-680 Integer Overflow to Buffer Overflow |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.4 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | 315 5G IoT Modem, AQT1000, AR8035, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC710, QCM2290, QCM4290, QCM4325, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN7606, QCN9024, QCS2290, QCS410, QCS4290, QCS5430, QCS610, QCS6125, QCS6490, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, QSM8250, QSM8350, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 675, SD 8 Gen1 5G, SD670, SD675, SD730, SD855, SD865 5G, SD888, SDX55, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33042
| CVE ID | CVE-2023-33042 |
| Title | Improper Input Validation in Modem |
| Description | Transient DOS in Modem after RRC Setup message is received. |
| Technology Area | Modem |
| Vulnerability Type | CWE-20 Improper Input Validation |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | 2023/05/11 |
| Customer Notified Date | 2023/08/07 |
| Affected Chipsets* | 315 5G IoT Modem, AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QCA6391, QCA6421, QCA6426, QCA6431, QCA6436, QCA6574A, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCM6490, QCN6024, QCN9024, QCS6490, QCS8550, Qualcomm® Video Collaboration VC3 Platform, SD855, SD865 5G, SD888, SDX55, SDX57M, SM7250P, SM7315, SM7325P, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon Auto 5G Modem-RF, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon XR2 5G Platform, SXR2130, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3988, WCN6740, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2023-33043
| CVE ID | CVE-2023-33043 |
| Title | Reachable Assertion in Modem |
| Description | Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. |
| Technology Area | Modem |
| Vulnerability Type | CWE-617 Reachable Assertion |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | 2023/04/20 |
| Customer Notified Date | 2023/08/07 |
| Affected Chipsets* | AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6900, FastConnect 7800, QCA6391, QCA8081, QCA8337, QCM4490, QCM6490, QCM8550, QCN6024, QCN9024, QCS4490, QCS6490, QCS8550, Qualcomm® Video Collaboration VC3 Platform, SD888, SDX57M, SM7315, SM7325P, SM8550P, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 695 5G Mobile Platform, Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3988, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33044
| CVE ID | CVE-2023-33044 |
| Title | Reachable Assertion in Data Modem |
| Description | Transient DOS in Data modem while handling TLB control messages from the Network. |
| Technology Area | Data Modem |
| Vulnerability Type | CWE-617 Reachable Assertion |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | 2023/04/20 |
| Customer Notified Date | 2023/08/07 |
| Affected Chipsets* | 315 5G IoT Modem, AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QCA6391, QCA6421, QCA6426, QCA6431, QCA6436, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCM4490, QCM6490, QCM8550, QCN6024, QCN9024, QCS4490, QCS6490, QCS8550, Qualcomm® Video Collaboration VC3 Platform, SD855, SD865 5G, SD888, SDX55, SDX57M, SM7250P, SM7315, SM7325P, SM8550P, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon Auto 5G Modem-RF, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon XR2 5G Platform, SXR2130, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3988, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33054
| CVE ID | CVE-2023-33054 |
| Title | Improper Authentication in GPS HLOS Driver |
| Description | Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. |
| Technology Area | GPS HLOS Driver |
| Vulnerability Type | CWE-287 Improper Authentication |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | Critical |
| CVSS Score | 9.1 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| Date Reported | 2023/03/18 |
| Customer Notified Date | 2023/08/07 |
| Affected Chipsets* | 315 5G IoT Modem, AQT1000, AR8035, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8295P, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCA9377, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN9024, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS8250, QCS8550, QFW7114, QFW7124, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 8 Gen1 5G, SD660, SD730, SD835, SD855, SD865 5G, SD888, SDX55, SG4150P, SM6250, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 660 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 4100+ Platform, Snapdragon X12 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SW5100, SW5100P, SXR2130, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33080
| CVE ID | CVE-2023-33080 |
| Title | Buffer over-read in WLAN Firmware |
| Description | Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
| Technology Area | WLAN Firmware |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | 315 5G IoT Modem, 9206 LTE Modem, APQ8017, APQ8064AU, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Home Hub 100 Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ4018, IPQ4028, IPQ4029, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, MDM8215, MDM9215, MDM9250, MDM9310, MDM9615, MDM9628, MDM9640, MDM9645, MDM9650, MSM8996AU, PMP8074, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA0000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4024, QCA4531, QCA6174, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6554A, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9367, QCA9377, QCA9379, QCA9886, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9985, QCA9986, QCA9990, QCA9992, QCA9994, QCC2073, QCC2076, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM6125, QCM6490, QCM8550, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN7605, QCN7606, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS2290, QCS410, QCS4290, QCS4490, QCS610, QCS6125, QCS6490, QCS7230, QCS8250, QCS8550, QFW7114, QFW7124, QRB5165M, QRB5165N, QSM8350, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SC8180X+SDX55, SD 455, SD 675, SD 8 Gen1 5G, SD 8CX, SD460, SD626, SD660, SD662, SD670, SD675, SD730, SD820, SD821, SD835, SD855, SD865 5G, SD888, SDX20M, SDX55, SDX65M, SG4150P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 1200 Wearable Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 630 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 820 Mobile Platform, Snapdragon 821 Mobile Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 850 Mobile Compute Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X12 LTE Modem, Snapdragon X20 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X5 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33081
| CVE ID | CVE-2023-33081 |
| Title | Buffer over-read in WLAN Firmware |
| Description | Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. |
| Technology Area | WLAN Firmware |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AQT1000, AR8035, CSR8811, FastConnect 6200, FastConnect 6800, FastConnect 6900, FastConnect 7800, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, QAM8255P, QAM8650P, QAM8775P, QCA0000, QCA1062, QCA1064, QCA4024, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9888, QCA9889, QCC2073, QCC2076, QCC710, QCF8000, QCF8001, QCM8550, QCN5022, QCN5024, QCN5052, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN9000, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QFW7114, QFW7124, SC8180X+SDX55, SC8380XP, SD865 5G, SDX55, SDX65M, SM8550P, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon AR2 Gen 1 Platform, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, SSG2115P, SSG2125P, SXR1230P, SXR2130, SXR2230P, WCD9340, WCD9341, WCD9380, WCD9385, WCD9390, WCD9395, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33088
| CVE ID | CVE-2023-33088 |
| Title | NULL pointer dereference in WLAN Firmware |
| Description | Memory corruption when processing cmd parameters while parsing vdev. |
| Technology Area | WLAN Firmware |
| Vulnerability Type | CWE-476 NULL Pointer Dereference |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.4 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | 315 5G IoT Modem, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, PMP8074, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA0000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4024, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9886, QCA9888, QCA9889, QCA9980, QCA9984, QCA9985, QCA9986, QCA9990, QCA9992, QCA9994, QCC2073, QCC2076, QCC710, QCF8000, QCF8001, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN7605, QCN7606, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8250, QCS8550, QFW7114, QFW7124, QRB5165M, QRB5165N, QSM8250, QSM8350, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 675, SD 8 Gen1 5G, SD 8CX, SD460, SD660, SD662, SD670, SD675, SD730, SD855, SD865 5G, SD888, SDX55, SDX65M, SG4150P, SG8275P, SM4125, SM6250, SM6250P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 712 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33089
| CVE ID | CVE-2023-33089 |
| Title | NULL Pointer Dereference in WLAN Firmware |
| Description | Transient DOS when processing a NULL buffer while parsing WLAN vdev. |
| Technology Area | WLAN Firmware |
| Vulnerability Type | CWE-476 NULL Pointer Dereference |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | 315 5G IoT Modem, AQT1000, AR8035, AR9380, CSR8811, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, PMP8074, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA0000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4024, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9886, QCA9888, QCA9889, QCA9980, QCA9984, QCA9985, QCA9986, QCA9990, QCA9992, QCA9994, QCC2073, QCC2076, QCC710, QCF8000, QCF8001, QCM4490, QCM5430, QCM6490, QCM8550, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS4490, QCS5430, QCS6490, QCS8550, QFW7114, QFW7124, QRB5165M, QRB5165N, QSM8250, QSM8350, Qualcomm® Video Collaboration VC3 Platform, Robotics RB5 Platform, SA4150P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 8 Gen1 5G, SD865 5G, SD888, SDX55, SDX65M, SG8275P, SM7315, SM7325P, SM8550P, Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SXR1230P, SXR2130, SXR2230P, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3980, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33097
| CVE ID | CVE-2023-33097 |
| Title | Buffer Over-read in WLAN Firmware |
| Description | Transient DOS in WLAN Firmware while processing a FTMR frame. |
| Technology Area | WLAN Firmware |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AR8035, CSR8811, FastConnect 6900, FastConnect 7800, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, QAM8255P, QAM8650P, QAM8775P, QCA0000, QCA4024, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9888, QCA9889, QCC2073, QCC2076, QCC710, QCF8000, QCF8001, QCM8550, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN9000, QCN9001, QCN9002, QCN9003, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS8550, QFW7114, QFW7124, SC8380XP, SD 8 Gen1 5G, SDX55, SDX65M, SG8275P, SM8550P, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon AR2 Gen 1 Platform, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, SSG2115P, SSG2125P, SXR1230P, SXR2230P, WCD9340, WCD9380, WCD9385, WCD9390, WCD9395, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-33098
| CVE ID | CVE-2023-33098 |
| Title | Buffer Over-read in WLAN Firmware |
| Description | Transient DOS while parsing WPA IES, when it is passed with length more than expected size. |
| Technology Area | WLAN Firmware |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | 315 5G IoT Modem, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, PMP8074, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA0000, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4024, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9377, QCA9886, QCA9888, QCA9889, QCA9980, QCA9984, QCA9985, QCA9986, QCA9990, QCA9992, QCA9994, QCC2073, QCC2076, QCC710, QCF8000, QCF8001, QCM2290, QCM4290, QCM4490, QCM5430, QCM6490, QCM8550, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN7605, QCN7606, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS2290, QCS4290, QCS4490, QCS5430, QCS6490, QCS7230, QCS8250, QCS8550, QFW7114, QFW7124, QRB5165M, QRB5165N, QSM8250, QSM8350, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 8 Gen1 5G, SD660, SD865 5G, SD888, SDX55, SDX65M, SG8275P, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 660 Mobile Platform, Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1230P, SXR2130, SXR2230P, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
CVE-2023-21634
| CVE ID | CVE-2023-21634 |
| Title | Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer |
| Description | Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM. |
| Technology Area | Radio Interface Layer |
| Vulnerability Type | CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.7 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/08/10 |
| Customer Notified Date | 2023/01/02 |
| Affected Chipsets* | AQT1000, FastConnect 6200, FastConnect 6800, FastConnect 6900, QCA6310, QCA6320, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6574AU, QCA6595AU, QCA6696, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SD835, SD855, SD865 5G, Snapdragon 835 Mobile PC Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 4100+ Platform, Snapdragon X55 5G Modem-RF System, Snapdragon XR2 5G Platform, SW5100, SW5100P, SXR2130, WCD9335, WCD9340, WCD9341, WCD9380, WCN3610, WCN3660B, WCN3680B, WCN3980, WCN3988, WCN3990, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2023-33024
| CVE ID | CVE-2023-33024 |
| Title | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface Layer |
| Description | Memory corruption while sending SMS from AP firmware. |
| Technology Area | Radio Interface Layer |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.7 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2023/01/20 |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | AQT1000, AR8035, FastConnect 6200, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8295P, QCA6310, QCA6320, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6574AU, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCC710, QCN6224, QCN6274, QFW7114, QFW7124, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, SD835, SD855, SD865 5G, Snapdragon 835 Mobile PC Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon Auto 5G Modem-RF, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 4100+ Platform, Snapdragon X55 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, SW5100, SW5100P, SXR2130, WCD9335, WCD9340, WCD9341, WCD9380, WCN3610, WCN3660B, WCN3680B, WCN3980, WCN3988, WCN3990, WSA8810, WSA8815, WSA8830, WSA8835 |
CVE-2023-33041
| CVE ID | CVE-2023-33041 |
| Title | Reachable assertion in WLAN Firmware |
| Description | Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. |
| Technology Area | WLAN Firmware |
| Vulnerability Type | CWE-617 Reachable Assertion |
| Access Vector | Remote |
| Security Rating | Medium |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | 2023/03/30 |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AR8035, CSR8811, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, PMP8074, QAM8255P, QAM8650P, QAM8775P, QCA0000, QCA4024, QCA6391, QCA6554A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8072, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8337, QCA8386, QCA9888, QCA9889, QCC2073, QCC2076, QCC710, QCF8000, QCF8001, QCM8550, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN9000, QCN9011, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QFW7114, QFW7124, QRB5165M, QRB5165N, Robotics RB5 Platform, SC8380XP, SDX55, SDX65M, SM8550P, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon AR2 Gen 1 Platform, Snapdragon X65 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, SSG2115P, SSG2125P, SXR1230P, SXR2230P, WCD9340, WCD9380, WCD9385, WCD9390, WCD9395, WCN3980, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
*The list of affected chipsets may not be complete. For latest information, device OEMs can contact QTI directly at www.qualcomm.com/support.
Open Source Software Issues
The tables below summarize security vulnerabilities that were addressed through open source software
This table lists high impact security vulnerabilities. Patches are being actively shared with OEMs, who have been notified and strongly recommended to deploy those patches on released devices as soon as possible. Please contact the device manufacturer for information on the patching status of released devices.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
|---|---|---|---|---|
| CVE-2023-28588 | High | High | Bluetooth HOST | Internal |
| CVE-2023-33053 | High | High | Kernel | Internal |
| CVE-2023-33063 | High | High | DSP Service | 12/18/2022 |
| CVE-2023-33070 | High | High | Automotive Android OS | 11/17/2022 |
| CVE-2023-33071 | High | High | Automotive Android OS | 11/25/2022 |
| CVE-2023-33079 | High | High | Audio | 03/21/2023 |
| CVE-2023-33087 | High | High | Qualcomm IPC | Internal |
| CVE-2023-33092 | High | High | Bluetooth HOST | 04/18/2023 |
| CVE-2023-33106 | High | High | Graphics | 09/08/2023 |
| CVE-2023-33107 | High | High | Graphics | 09/08/2023 |
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
|---|---|---|---|---|
| CVE-2023-22383 | Medium | Medium | Camera Driver | 11/09/2022 |
| CVE-2023-22668 | Medium | Medium | Audio | 11/20/2022 |
| CVE-2023-28579 | Medium | Medium | WLAN HOST | 08/29/2022 |
| CVE-2023-28580 | Medium | Medium | WLAN HOST | 09/29/2022 |
CVE-2023-28588
| CVE ID | CVE-2023-28588 |
| Title | Integer Overflow or Wraparound in Bluetooth Host |
| Description | Transient DOS in Bluetooth Host while rfc slot allocation. |
| Technology Area | Bluetooth HOST |
| Vulnerability Type | CWE-190 Integer Overflow or Wraparound |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | APQ8017, APQ8064AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, MSM8108, MSM8209, MSM8608, MSM8996AU, QAM8295P, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA8081, QCA8337, QCC710, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6224, QCN6274, QCN7606, QCN9011, QCN9012, QCN9074, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8250, QCS8550, QFW7114, QFW7124, QRB5165M, QRB5165N, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 675, SD 8 Gen1 5G, SD626, SD660, SD670, SD675, SD730, SD835, SD855, SD865 5G, SD888, SDX55, SG4150P, SG8275P, SM4125, SM6250, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 625 Mobile Platform, Snapdragon 626 Mobile Platform, Snapdragon 630 Mobile Platform, Snapdragon 632 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon AR2 Gen 1 Platform, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
| Patch** |
CVE-2023-33053
| CVE ID | CVE-2023-33053 |
| Title | Improper Validation of Array Index in Kernel |
| Description | Memory corruption in Kernel while parsing metadata. |
| Technology Area | Kernel |
| Vulnerability Type | CWE-129 Improper Validation of Array Index |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.4 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | CSR8811, FastConnect 6700, FastConnect 6900, FastConnect 7800, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5332, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9554, IPQ9570, IPQ9574, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA0000, QCA4024, QCA6174A, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8075, QCA8081, QCA8082, QCA8084, QCA8085, QCA8386, QCA9377, QCA9888, QCA9889, QCF8000, QCF8001, QCM6490, QCN5022, QCN5024, QCN5052, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN9000, QCN9012, QCN9013, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS6490, Qualcomm® Video Collaboration VC3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SDX55, SDX65M, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon Auto 5G Modem-RF, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X12 LTE Modem, Snapdragon X65 5G Modem-RF System, SW5100, SW5100P, WCD9335, WCD9370, WCD9375, WCD9380, WCD9385, WCN3980, WCN3988, WSA8830, WSA8835 |
| Patch** |
CVE-2023-33063
| CVE ID | CVE-2023-33063 |
| Title | Use After Free in DSP Services |
| Description | Memory corruption in DSP Services during a remote call from HLOS to DSP. |
| Technology Area | DSP Service |
| Vulnerability Type | CWE-416 Use After Free |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/12/18 |
| Customer Notified Date | 2023/08/07 |
| Affected Chipsets* | 315 5G IoT Modem, APQ8017, AQT1000, AR8031, AR8035, AR9380, C-V2X 9150, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8070, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9650, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA4024, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA7500, QCA8075, QCA8081, QCA8337, QCA9377, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9985, QCA9990, QCA9992, QCA9994, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCN5022, QCN5024, QCN5052, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN6023, QCN6024, QCN9000, QCN9011, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8155, QCS8250, QCS8550, QRB5165M, QRB5165N, QSM8250, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SD 675, SD 8 Gen1 5G, SD626, SD660, SD670, SD675, SD730, SD835, SD855, SD865 5G, SD888, SDM429W, SDX55, SG4150P, SG8275P, SM4125, SM6250, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 625 Mobile Platform, Snapdragon 626 Mobile Platform, Snapdragon 632 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 4100+ Platform, Snapdragon X12 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
| Patch** |
CVE-2023-33070
| CVE ID | CVE-2023-33070 |
| Title | Improper Authentication in Automotive OS |
| Description | Transient DOS in Automotive OS due to improper authentication to the secure IO calls. |
| Technology Area | Automotive Android OS |
| Vulnerability Type | CWE-287 Improper Authentication |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.1 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
| Date Reported | 2022/11/17 |
| Customer Notified Date | 2023/10/02 |
| Affected Chipsets* | AQT1000, AR8031, AR8035, C-V2X 9150, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, QAM8255P, QAM8295P, QAM8775P, QCA6174A, QCA6310, QCA6335, QCA6391, QCA6420, QCA6430, QCA6564, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA8337, QCA9377, QCM6125, QCN9074, QCS410, QCS610, QCS6125, QCS8155, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8770P, SA8775P, SA9000P, SD 675, SD660, SD675, SD730, SD855, SDM429W, SDX55, Smart Audio 400 Platform, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon Auto 5G Modem-RF, Snapdragon Wear 4100+ Platform, Snapdragon X24 LTE Modem, Snapdragon Auto 4G Modem, Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3990, WSA8810, WSA8815 |
| Patch** |
CVE-2023-33071
| CVE ID | CVE-2023-33071 |
| Title | Improper Access Control in Automotive OS Platform Android |
| Description | Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. |
| Technology Area | Automotive Android OS |
| Vulnerability Type | CWE-284 Improper Access Control |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.4 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/11/25 |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | QCA6574, QCA6574A, QCA6574AU, QCA6595AU, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P |
| Patch** |
CVE-2023-33079
| CVE ID | CVE-2023-33079 |
| Title | Use of Out-of-range Pointer Offset in Audio |
| Description | Memory corruption in Audio while running invalid audio recording from ADSP. |
| Technology Area | Audio |
| Vulnerability Type | CWE-823 Use of Out-of-range Pointer Offset |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2023/03/21 |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AR8035, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA6391, QCA6426, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC710, QCM2290, QCM4290, QCM4325, QCM5430, QCM6490, QCM8550, QCN6224, QCN6274, QCN9011, QCN9012, QCS2290, QCS410, QCS4290, QCS5430, QCS610, QCS6490, QCS7230, QCS8250, QCS8550, QFW7114, QFW7124, QRB5165M, QRB5165N, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SD660, SD865 5G, SD888, SG4150P, SG8275P, SM4125, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X55 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SW5100, SW5100P, SXR2130, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8835, WSA8840, WSA8845, WSA8845H |
| Patch** |
CVE-2023-33087
| CVE ID | CVE-2023-33087 |
| Title | Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Core |
| Description | Memory corruption in Core while processing RX intent request. |
| Technology Area | Qualcomm IPC |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AR8035, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA6391, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC710, QCM4325, QCM4490, QCM5430, QCM6490, QCM8550, QCN6224, QCN6274, QCN9011, QCN9012, QCS410, QCS4490, QCS5430, QCS610, QCS6490, QCS7230, QCS8250, QCS8550, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QFW7114, QFW7124, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SD 8 Gen1 5G, SG4150P, SG8275P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X75 5G Modem-RF System, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1230P, SXR2230P, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3980, WCN3988, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
| Patch** |
CVE-2023-33092
| CVE ID | CVE-2023-33092 |
| Title | Buffer Copy Without Checking Size of Input in Bluetooth HOST |
| Description | Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. |
| Technology Area | Bluetooth HOST |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.4 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2023/04/18 |
| Customer Notified Date | 2023/09/04 |
| Affected Chipsets* | AQT1000, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QCA6310, QCA6320, QCA6391, QCA6420, QCA6430, QCM4325, QCM4490, QCM5430, QCM6490, QCM8550, QCS4490, QCS5430, QCS6490, QCS7230, QCS8250, QCS8550, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, SD730, SD835, SD855, SD888, SG4150P, SM6250, SM7250P, SM7315, SM7325P, SM8550P, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon X55 5G Modem-RF System, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3615, WCN3660B, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
| Patch** |
CVE-2023-33106
| CVE ID | CVE-2023-33106 |
| Title | Use of Out-of-range Pointer Offset in Graphics |
| Description | Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. |
| Technology Area | Graphics |
| Vulnerability Type | CWE-823 Use of Out-of-range Pointer Offset |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.4 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2023/09/08 |
| Customer Notified Date | 2023/09/12 |
| Affected Chipsets* | AR8035, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA6174A, QCA6391, QCA6426, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6490, QCM8550, QCN6024, QCN9011, QCN9012, QCN9024, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6490, QCS7230, QCS8250, QCS8550, QRB5165M, QRB5165N, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SD 8 Gen1 5G, SD660, SD865 5G, SD888, SG4150P, SG8275P, SM4125, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X12 LTE Modem, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1230P, SXR2130, SXR2230P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
| Patch** |
CVE-2023-33107
| CVE ID | CVE-2023-33107 |
| Title | Integer Overflow or Wraparound in Graphics Linux |
| Description | Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. |
| Technology Area | Graphics |
| Vulnerability Type | CWE-190 Integer Overflow or Wraparound |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.4 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2023/09/08 |
| Customer Notified Date | 2023/09/12 |
| Affected Chipsets* | 315 5G IoT Modem, APQ8017, APQ8064AU, AQT1000, AR8031, AR8035, C-V2X 9150, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, MDM9250, MDM9650, MSM8108, MSM8209, MSM8608, MSM8909W, MSM8996AU, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA6174A, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN9011, QCN9012, QCN9024, QCN9074, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, QCS7230, QCS8155, QCS8250, QCS8550, QRB5165M, QRB5165N, QSM8250, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8770P, SA8775P, SA9000P, SD 675, SD 8 Gen1 5G, SD626, SD660, SD670, SD675, SD730, SD835, SD855, SD865 5G, SD888, SDM429W, SDX20M, SDX55, SG4150P, SG8275P, SM4125, SM6250, SM7250P, SM7315, SM7325P, SM8550P, Smart Audio 200 Platform, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 625 Mobile Platform, Snapdragon 626 Mobile Platform, Snapdragon 630 Mobile Platform, Snapdragon 632 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 2100 Platform, Snapdragon Wear 2500 Platform, Snapdragon Wear 3100 Platform, Snapdragon Wear 4100+ Platform, Snapdragon X12 LTE Modem, Snapdragon X20 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6740, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
| Patch** |
CVE-2023-22383
| CVE ID | CVE-2023-22383 |
| Title | Use After Free in Camera |
| Description | Memory Corruption in camera while installing a fd for a particular DMA buffer. |
| Technology Area | Camera Driver |
| Vulnerability Type | CWE-416 Use After Free |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.7 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/11/09 |
| Customer Notified Date | 2023/04/03 |
| Affected Chipsets* | AQT1000, C-V2X 9150, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, QAM8295P, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6574AU, QCA6696, QCA8337, QCN9074, QCS410, QCS610, QCS6490, QCS8155, QSM8250, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, SD855, SD865 5G, SDX55, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 4100+ Platform, Snapdragon X55 5G Modem-RF System, Snapdragon XR2 5G Platform, SW5100, SW5100P, SXR2130, WCD9341, WCD9370, WCD9380, WCN3610, WCN3660B, WCN3680B, WCN3950, WCN3980, WCN3988, WSA8810, WSA8815, WSA8830, WSA8835 |
| Patch** |
CVE-2023-22668
| CVE ID | CVE-2023-22668 |
| Title | Use After Free in Audio |
| Description | Memory Corruption in Audio while invoking IOCTLs calls from the user-space. |
| Technology Area | Audio |
| Vulnerability Type | CWE-416 Use After Free |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.7 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/11/20 |
| Customer Notified Date | 2023/04/03 |
| Affected Chipsets* | AQT1000, AR8035, FastConnect 6200, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8255P, QAM8775P, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6584AU, QCA6698AQ, QCA8081, QCA8337, QCC710, QCN6224, QCN6274, QFW7114, QFW7124, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, SA8255P, SA8770P, SA8775P, SA9000P, SD855, SD865 5G, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 4100+ Platform, Snapdragon X55 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, SW5100, SW5100P, SXR2130, WCD9340, WCD9341, WCD9380, WCN3610, WCN3980, WCN3988, WSA8810, WSA8815, WSA8830, WSA8835 |
| Patch** |
CVE-2023-28579
| CVE ID | CVE-2023-28579 |
| Title | Buffer Copy Without Checking Size of Input in WLAN Host |
| Description | Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length. |
| Technology Area | WLAN HOST |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.7 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/08/29 |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | FastConnect 6900, FastConnect 7800, QAM8295P, QCA6391, QCA6574AU, QCA6595AU, QCA6696, QCS410, QCS610, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, Snapdragon 8 Gen 1 Mobile Platform, SW5100, SW5100P, WCD9341, WCD9370, WCD9380, WCN3660B, WCN3680B, WCN3950, WCN3980, WCN3988, WSA8810, WSA8815, WSA8830, WSA8835 |
| Patch** |
CVE-2023-28580
| CVE ID | CVE-2023-28580 |
| Title | Buffer Copy Without Checking Size of Input in WLAN Host |
| Description | Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache. |
| Technology Area | WLAN HOST |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.7 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2022/09/29 |
| Customer Notified Date | 2023/06/05 |
| Affected Chipsets* | AR8035, FastConnect 6900, FastConnect 7800, QAM8295P, QCA6391, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCC710, QCN6224, QCN6274, QCS410, QCS610, QFW7114, QFW7124, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon X75 5G Modem-RF System, SW5100, SW5100P, WCD9340, WCD9341, WCD9370, WCD9380, WCN3660B, WCN3680B, WCN3950, WCN3980, WCN3988, WSA8810, WSA8815, WSA8830, WSA8835 |
| Patch** |
* The list of affected chipsets may not be complete. For latest information, device OEMs can contact QTI directly at www.qualcomm.com/support.
** Data is generated only at the time of bulletin creation
Industry Coordination
Security ratings of issues included in Android security bulletins and these bulletins match in the most common scenarios but may differ in some cases due to one of the following reasons:
- Consideration of security protections such as SELinux not enforced on some platforms
- Differences in assessment of some specific scenarios that involves local denial of service or privilege escalation vulnerabilities in the high level OS kernel
All Qualcomm products mentioned herein are products of Qualcomm Technologies, Inc. and/or its subsidiaries.
Qualcomm is a trademark of Qualcomm Incorporated, registered in the United States and other countries. Other product and brand names may be trademarks or registered trademarks of their respective owners.
This technical data may be subject to U.S. and international export, re-export, or transfer (“export”) laws. Diversion contrary to U.S. and international law is strictly prohibited.
Qualcomm Technologies, Inc.
San Diego, CA 92121
U.S.A.
© 2022 Qualcomm Technologies, Inc. and/or its subsidiaries. All rights reserved.
- Table of Contents
- Announcements
- Acknowledgements
- Proprietary Software Issues
- CVE-2023-33082
- CVE-2023-33083
- CVE-2023-28546
- CVE-2023-28550
- CVE-2023-28551
- CVE-2023-28585
- CVE-2023-28586
- CVE-2023-28587
- CVE-2023-33017
- CVE-2023-33018
- CVE-2023-33022
- CVE-2023-33042
- CVE-2023-33043
- CVE-2023-33044
- CVE-2023-33054
- CVE-2023-33080
- CVE-2023-33081
- CVE-2023-33088
- CVE-2023-33089
- CVE-2023-33097
- CVE-2023-33098
- CVE-2023-21634
- CVE-2023-33024
- CVE-2023-33041
- Open Source Software Issues
- CVE-2023-28588
- CVE-2023-33053
- CVE-2023-33063
- CVE-2023-33070
- CVE-2023-33071
- CVE-2023-33079
- CVE-2023-33087
- CVE-2023-33092
- CVE-2023-33106
- CVE-2023-33107
- CVE-2023-22383
- CVE-2023-22668
- CVE-2023-28579
- CVE-2023-28580
- Industry Coordination
