315 5g Iot Firmware
CVE-2023-22667
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Memory Corruption in Audio while allocating the ion buffer during the music playback.
AnalysisAI
Memory Corruption in Audio while allocating the ion buffer during the music playback. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. Memory Corruption in Audio while allocating the ion buffer during the music playback. Affected products include: Qualcomm 315 5G Iot Firmware, Qualcomm Apq8017 Firmware, Qualcomm Aqt1000 Firmware, Qualcomm Ar8031 Firmware, Qualcomm Ar8035 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.
More in 315 5g Iot Firmware
View allMemory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the vid
Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), th
Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability i
Memory corruption in WLAN HAL while handling command through WMI interfaces. Rated high severity (CVSS 7.8), this vulner
Memory Corruption in WLAN HOST while fetching TX status information. Rated high severity (CVSS 7.8), this vulnerability
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. Rated high severity (CVSS
Transient DOS may occur while processing malformed length field in SSID IEs.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.
While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated med
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today