ID

VAR-202309-2249


CVE

CVE-2023-33021


TITLE

Use of freed memory vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2023-011777

DESCRIPTION

Memory corruption in Graphics while processing user packets for command submission. APQ8064AU firmware, AQT1000 firmware, AR8035 Multiple Qualcomm products, such as firmware, contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2023-33021 // JVNDB: JVNDB-2023-011777

AFFECTED PRODUCTS

vendor:qualcommmodel:qca6431scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qam8255pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qrb5165nscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6797aqscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6800scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qam8295pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 636scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x50 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 782gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6700scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon xr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 888\+ 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 765g 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 870 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 480 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6421scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smart audio 200scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 780g 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4325scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 685 4gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:flight rb5 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:vision intelligence 200scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 765 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 860scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9379scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x12 ltescope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 626scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9011scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 630scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 730gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 778g\+ 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sxr2130scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa4150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8295pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 8 gen 1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon xr1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon w5\+ gen 1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 625scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd626scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x65 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6900scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sxr1120scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8064auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon auto 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 680 4gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smart audio 400scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd670scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 4 gen 1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa4155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 710scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:vision intelligence 100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 7c\+ gen 3scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9012scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x55 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 7800scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6698aqscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9371scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:home hub 100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 820scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8255pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 670scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qrb5165mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 778g 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fastconnect 6200scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 750g 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 732gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 768g 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 865\+ 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smart display 200scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 695 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon x24 ltescope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:robotics rb5scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 480\+ 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:snapdragon 855\+scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100pscope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:fastconnect 6200scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9650scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6174ascope: - version: -

Trust: 0.8

vendor:クアルコムmodel:home hub 100scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6700scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 7800scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6800scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6320scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6640scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6391scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fastconnect 6900scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qam8255pscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6620scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8064auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qam8295pscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:flight rb5 5gscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6310scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-011777 // NVD: CVE-2023-33021

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-33021
value: HIGH

Trust: 1.0

product-security@qualcomm.com: CVE-2023-33021
value: HIGH

Trust: 1.0

NVD: CVE-2023-33021
value: HIGH

Trust: 0.8

nvd@nist.gov: CVE-2023-33021
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

product-security@qualcomm.com: CVE-2023-33021
baseSeverity: HIGH
baseScore: 8.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.5
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2023-33021
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-011777 // NVD: CVE-2023-33021 // NVD: CVE-2023-33021

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

problemtype:Use of freed memory (CWE-416) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-011777 // NVD: CVE-2023-33021

EXTERNAL IDS

db:NVDid:CVE-2023-33021

Trust: 2.6

db:JVNDBid:JVNDB-2023-011777

Trust: 0.8

sources: JVNDB: JVNDB-2023-011777 // NVD: CVE-2023-33021

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-33021

Trust: 0.8

sources: JVNDB: JVNDB-2023-011777 // NVD: CVE-2023-33021

SOURCES

db:JVNDBid:JVNDB-2023-011777
db:NVDid:CVE-2023-33021

LAST UPDATE DATE

2024-08-14T14:43:00.369000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2023-011777date:2023-12-14T05:19:00
db:NVDid:CVE-2023-33021date:2024-04-12T17:17:15.697

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2023-011777date:2023-12-14T00:00:00
db:NVDid:CVE-2023-33021date:2023-09-05T07:15:14.717