Main Vulnerability Database Vulnerabilities #VU76856

Stack-based buffer overflow in Qualcomm products - CVE-2023-21632

Published: June 5, 2023

Vulnerability identifier: #VU76856

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-21632

CWE-ID: CWE-121

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Qualcomm

Affected software:
APQ8064AU
QAM8295P
QCA6564A
QCA6564AU
QCA6574A
QCA6584AU
QCA6595
QCA6595AU
QCA6696
QCA6698AQ
SA6145P
SA6150P
SA6155
SA8145P
SA8150P
SA8155
SA8155P
SA8195P
SA8295P
Snapdragon 820 Automotive Platform
MSM8996AU
QCA6574AU
SA6155P
SA8540P
SA9000P

Detailed vulnerability description

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Automotive GPU. A local application can execute arbitrary code.

How to mitigate CVE-2023-21632

Install security update from vendor's website.

Sources

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2023-bulletin.html

Stack-based buffer overflow in Qualcomm products - CVE-2023-21632

Detailed vulnerability description

How to mitigate CVE-2023-21632

Sources

Please verify you're human