Apq8064au Firmware
CVE-2023-21633
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
AnalysisAI
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. Affected products include: Qualcomm Apq8064Au Firmware, Qualcomm Aqt1000 Firmware, Qualcomm Fastconnect 6200 Firmware, Qualcomm Fastconnect 6800 Firmware, Qualcomm Fastconnect 6900 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Apq8064au Firmware
View allMemory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Sna
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdr
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snap
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Com
Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connect
u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Sn
u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snap
u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no
Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Co
Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC respo
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today