CVE-2023-43513 Vulnerability Details

  /     /     /  

CVE-2023-43513 Metadata Quick Info

CVE Published: 06/02/2024 | CVE Updated: 02/08/2024 | CVE Year: 2023
Source: qualcomm | Vendor: Qualcomm, Inc. | Product: Snapdragon
Status : PUBLISHED

---

CVE-2023-43513 Description

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

Metrics

CVSS Version: 3.1 | Base Score: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* LOCAL
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* LOW
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* HIGH
    Integrity Impact (I)* HIGH
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-823
CWE Name: CWE-823 Use of Out-of-range Pointer Offset
Source: Qualcomm, Inc.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).