Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

fstec логотип

BDU:2024-05880

Опубликовано: 19 дек. 2023
Источник: fstec
CVSS3: 7.8
CVSS2: 6.8
EPSS Низкий

Описание

Уязвимость компонента SMEM Partition Handler микропрограммного обеспечения встраиваемых плат Qualcomm связана с копированием буфера без проверки размера входных данных. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код

Вендор

Qualcomm Technologies Inc.

Наименование ПО

IPQ4019
IPQ8064
QCA9980
Qualcomm SDX55
Qualcomm SXR2130
MDM9650
SDM429
SD 8 Gen1 5G
AQT1000
AR8035
CSRA6620
CSRA6640
Qualcomm SD865 5G
Qualcomm SD888
Qualcomm SM7250P
Qualcomm SM7315
Qualcomm SM7325P
Qualcomm WCD9340
Qualcomm WCD9341
Qualcomm WCD9370
Qualcomm WCD9375
Qualcomm WCD9380
Qualcomm WCD9385
Qualcomm WCN3988
Qualcomm WCN6740
Qualcomm WSA8810
Qualcomm WSA8815
Qualcomm WSA8830
Qualcomm WSA8835
Qualcomm SW5100
Qualcomm SW5100P
Qualcomm WCD9326
Qualcomm WCD9335
Qualcomm WCN3615
Qualcomm WCN3660B
Qualcomm WCN3680B
Qualcomm WCN3910
Qualcomm WCN3950
Qualcomm WCN3980
Qualcomm WSA8832
SD730
Qualcomm SM4125
Qualcomm SM6250
Qualcomm WCN3990
SD670
Qualcomm WCN3610
Qualcomm WCN3620
Qualcomm WCN3680
SD835
SD855
QCA7500
Snapdragon 429 Mobile Platform
Snapdragon 835 Mobile PC Platform
Snapdragon 855 Mobile Platform
Snapdragon 855+/860 Mobile Platform (SM8150-AC)
Snapdragon 865 5G Mobile Platform
Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
Snapdragon 870 5G Mobile Platform (SM8250-AC)
Snapdragon W5+ Gen 1 Wearable Platform
Snapdragon X55 5G Modem-RF System
Snapdragon XR2 5G Platform
Snapdragon Auto 4G Modem
Snapdragon X50 5G Modem-RF System
Snapdragon 8 Gen 1 Mobile Platform
Snapdragon 888 5G Mobile Platform
Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
Snapdragon 765 5G Mobile Platform (SM7250-AA)
Snapdragon 765G 5G Mobile Platform (SM7250-AB)
Snapdragon 768G 5G Mobile Platform (SM7250-AC)
Qualcomm Smart Audio 400 Platform
Snapdragon 4 Gen 1 Mobile Platform
Snapdragon 460 Mobile Platform
Snapdragon 480 5G Mobile Platform
Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
Snapdragon 662 Mobile Platform
Snapdragon 670 Mobile Platform
Snapdragon 675 Mobile Platform
Snapdragon 678 Mobile Platform (SM6150-AC)
Snapdragon 680 4G Mobile Platform
Snapdragon 685 4G Mobile Platform (SM6225-AD)
Snapdragon 690 5G Mobile Platform
Snapdragon 695 5G Mobile Platform
Snapdragon 720G Mobile Platform
Snapdragon 730 Mobile Platform (SM7150-AA)
Snapdragon 730G Mobile Platform (SM7150-AB)
Snapdragon 732G Mobile Platform (SM7150-AC)
Snapdragon 750G 5G Mobile Platform
Snapdragon 778G 5G Mobile Platform
Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)
Snapdragon 780G 5G Mobile Platform
Snapdragon 782G Mobile Platform (SM7325-AF)
Snapdragon 7c+ Gen 3 Compute Platform
Snapdragon 8+ Gen 1 Mobile Platform
Snapdragon 845 Mobile Platform
Snapdragon AR2 Gen 1 Platform
Snapdragon X24 LTE Modem
Snapdragon X65 5G Modem-RF System
Snapdragon XR2+ Gen 1 Platform
Qualcomm SSG2115P
Qualcomm SSG2125P
Qualcomm SXR1230P
Qualcomm SXR2230P
Qualcomm Vision Intelligence 300 Platform
Qualcomm Vision Intelligence 400 Platform
205 Mobile Platform
215 Mobile Platform
Qualcomm® Video Collaboration VC1 Platform
Qualcomm® Video Collaboration VC3 Platform
Qualcomm SG4150P
Qualcomm SG8275P
Qualcomm SM8550P
Qualcomm Snapdragon 210 Processor
Qualcomm Snapdragon 212 Mobile Platform
Qualcomm Snapdragon 4 Gen 2 Mobile Platform
Snapdragon 8 Gen 2 Mobile Platform
Snapdragon 8+ Gen 2 Mobile Platform
Snapdragon Auto 5G Modem-RF
Snapdragon X75 5G Modem-RF System
Qualcomm WCD9390
Qualcomm WCD9395
Qualcomm WSA8840
Qualcomm WSA8845
Qualcomm WSA8845H
Immersive Home 214 Platform
Immersive Home 216 Platform
Immersive Home 316 Platform
Immersive Home 318 Platform
Immersive Home 3210 Platform
Immersive Home 326 Platform
IPQ5010
IPQ5028
IPQ5332
IPQ8070A
IPQ8071A
IPQ8072A
IPQ8074A
IPQ8076
IPQ8076A
IPQ8078
IPQ8078A
IPQ8173
IPQ8174
IPQ9554
IPQ9570
QCA0000
QCA9889
QCF8000
QCF8001
QCN5024
QCN5124
QCN5154
QCN5164
QCN6112
QCN6122
QCN6132
QCN9100
SA4155P
SA8770P
SDX65M
Snapdragon X12 LTE Modem
AR9380
IPQ8065
IPQ8068
IPQ9008
IPQ9574
QCA6564AU
QCA6574
QCA6574A
QCA6574AU
QCA6584AU
QCA6678AQ
QCA9886
QCA9888
QCA9985
QCA9990
QCA9992
QCA9994
QCN5054
QCN6100
QCN6102
QCN9001
QCN9002
QCN9003
QCN9022
IPQ5302
IPQ5312
IPQ8070
FSM10055
FSM10056
PMP8074
QCN6402
QCN6412
QCN6422
QCN6432
Qualcomm® Video Collaboration VC5 Platform
Qualcomm Snapdragon 660 Mobile Platform
Snapdragon 710 Mobile Platform
Snapdragon 8 Gen 3 Mobile Platform
Snapdragon Auto 5G Modem-RF Gen 2
Snapdragon X35 5G Modem-RF System
Snapdragon XR1 Platform
SXR1120
SA4150P
SA8775P
Qualcomm Snapdragon 820 Automotive Platform
IPQ4018
IPQ4028
IPQ4029
QCA9880
QCA9898
FSM20055
FSM20056
IPQ5300
QAM8620P
SA7775P
SA8620P
SA8650P
SM6370
Snapdragon X62 5G Modem-RF System
Snapdragon X72 5G Modem-RF System
SRV1H
SRV1L
SRV1M
SXR2250P
TalynPlus
FastConnect 6700
FastConnect 6900
FastConnect 7800
QCS4490
QCM4490
CSR8811
IPQ6000
IPQ6010
IPQ6018
IPQ6028
QAM8255P
QAM8295P
QAM8650P
QAM8775P
QAMSRV1H
QAMSRV1M
QCA4024
QCA6595
QCA6595AU
QCA6696
QCA6698AQ
QCA6797AQ
QCA8075
QCA8081
QCA8082
QCA8084
QCA8085
QCA8337
QCA8386
QCC710
QCM5430
QCM6490
QCM8550
QCN5022
QCN5052
QCN5122
QCN5152
QCN6023
QCN6024
QCN6224
QCN6274
QCN9000
QCN9012
QCN9024
QCN9070
QCN9072
QCN9074
QCN9274
QCS410
QCS5430
QCS610
QCS6490
QCS8550
QFW7114
QFW7124
SA6155P
SA7255P
SA8155P
SA8255P
SA8295P
SA9000P
FastConnect 6200
FastConnect 6800
Flight RB5 5G Platform
QCA6174A
QCA6391
QCA6420
QCA6426
QCA6430
QCA6436
QCM2150
QCM2290
QCM4290
QCM4325
QCM6125
QCN9011
QCS2290
QCS4290
QCS6125
QCS7230
QCS8250
QDU1000
QDU1010
QDU1110
QDU1210
QDX1010
QDX1011
QEP8111
QRB5165M
QRB5165N
QRU1032
QRU1052
QRU1062
QSM8350
Robotics RB5 Platform
SA6145P
SA6150P
SA6155
SA8145P
SA8150P
SA8155
QCA8072
QCA9984
APQ8064AU
CSRB31024
QCA6310
QCA6335
QCA6564A
QCA9377
MSM8996AU
QCA6320
QCA6564
MDM9628
QCA9367
QCN5021

Версия ПО

- (IPQ4019)
- (IPQ8064)
- (QCA9980)
- (Qualcomm SDX55)
- (Qualcomm SXR2130)
- (MDM9650)
- (SDM429)
- (SD 8 Gen1 5G)
- (AQT1000)
- (AR8035)
- (CSRA6620)
- (CSRA6640)
- (Qualcomm SD865 5G)
- (Qualcomm SD888)
- (Qualcomm SM7250P)
- (Qualcomm SM7315)
- (Qualcomm SM7325P)
- (Qualcomm WCD9340)
- (Qualcomm WCD9341)
- (Qualcomm WCD9370)
- (Qualcomm WCD9375)
- (Qualcomm WCD9380)
- (Qualcomm WCD9385)
- (Qualcomm WCN3988)
- (Qualcomm WCN6740)
- (Qualcomm WSA8810)
- (Qualcomm WSA8815)
- (Qualcomm WSA8830)
- (Qualcomm WSA8835)
- (Qualcomm SW5100)
- (Qualcomm SW5100P)
- (Qualcomm WCD9326)
- (Qualcomm WCD9335)
- (Qualcomm WCN3615)
- (Qualcomm WCN3660B)
- (Qualcomm WCN3680B)
- (Qualcomm WCN3910)
- (Qualcomm WCN3950)
- (Qualcomm WCN3980)
- (Qualcomm WSA8832)
- (SD730)
- (Qualcomm SM4125)
- (Qualcomm SM6250)
- (Qualcomm WCN3990)
- (SD670)
- (Qualcomm WCN3610)
- (Qualcomm WCN3620)
- (Qualcomm WCN3680)
- (SD835)
- (SD855)
- (QCA7500)
- (Snapdragon 429 Mobile Platform)
- (Snapdragon 835 Mobile PC Platform)
- (Snapdragon 855 Mobile Platform)
- (Snapdragon 855+/860 Mobile Platform (SM8150-AC))
- (Snapdragon 865 5G Mobile Platform)
- (Snapdragon 865+ 5G Mobile Platform (SM8250-AB))
- (Snapdragon 870 5G Mobile Platform (SM8250-AC))
- (Snapdragon W5+ Gen 1 Wearable Platform)
- (Snapdragon X55 5G Modem-RF System)
- (Snapdragon XR2 5G Platform)
- (Snapdragon Auto 4G Modem)
- (Snapdragon X50 5G Modem-RF System)
- (Snapdragon 8 Gen 1 Mobile Platform)
- (Snapdragon 888 5G Mobile Platform)
- (Snapdragon 888+ 5G Mobile Platform (SM8350-AC))
- (Snapdragon 765 5G Mobile Platform (SM7250-AA))
- (Snapdragon 765G 5G Mobile Platform (SM7250-AB))
- (Snapdragon 768G 5G Mobile Platform (SM7250-AC))
- (Qualcomm Smart Audio 400 Platform)
- (Snapdragon 4 Gen 1 Mobile Platform)
- (Snapdragon 460 Mobile Platform)
- (Snapdragon 480 5G Mobile Platform)
- (Snapdragon 480+ 5G Mobile Platform (SM4350-AC))
- (Snapdragon 662 Mobile Platform)
- (Snapdragon 670 Mobile Platform)
- (Snapdragon 675 Mobile Platform)
- (Snapdragon 678 Mobile Platform (SM6150-AC))
- (Snapdragon 680 4G Mobile Platform)
- (Snapdragon 685 4G Mobile Platform (SM6225-AD))
- (Snapdragon 690 5G Mobile Platform)
- (Snapdragon 695 5G Mobile Platform)
- (Snapdragon 720G Mobile Platform)
- (Snapdragon 730 Mobile Platform (SM7150-AA))
- (Snapdragon 730G Mobile Platform (SM7150-AB))
- (Snapdragon 732G Mobile Platform (SM7150-AC))
- (Snapdragon 750G 5G Mobile Platform)
- (Snapdragon 778G 5G Mobile Platform)
- (Snapdragon 778G+ 5G Mobile Platform (SM7325-AE))
- (Snapdragon 780G 5G Mobile Platform)
- (Snapdragon 782G Mobile Platform (SM7325-AF))
- (Snapdragon 7c+ Gen 3 Compute Platform)
- (Snapdragon 8+ Gen 1 Mobile Platform)
- (Snapdragon 845 Mobile Platform)
- (Snapdragon AR2 Gen 1 Platform)
- (Snapdragon X24 LTE Modem)
- (Snapdragon X65 5G Modem-RF System)
- (Snapdragon XR2+ Gen 1 Platform)
- (Qualcomm SSG2115P)
- (Qualcomm SSG2125P)
- (Qualcomm SXR1230P)
- (Qualcomm SXR2230P)
- (Qualcomm Vision Intelligence 300 Platform)
- (Qualcomm Vision Intelligence 400 Platform)
- (205 Mobile Platform)
- (215 Mobile Platform)
- (Qualcomm® Video Collaboration VC1 Platform)
- (Qualcomm® Video Collaboration VC3 Platform)
- (Qualcomm SG4150P)
- (Qualcomm SG8275P)
- (Qualcomm SM8550P)
- (Qualcomm Snapdragon 210 Processor)
- (Qualcomm Snapdragon 212 Mobile Platform)
- (Qualcomm Snapdragon 4 Gen 2 Mobile Platform)
- (Snapdragon 8 Gen 2 Mobile Platform)
- (Snapdragon 8+ Gen 2 Mobile Platform)
- (Snapdragon Auto 5G Modem-RF)
- (Snapdragon X75 5G Modem-RF System)
- (Qualcomm WCD9390)
- (Qualcomm WCD9395)
- (Qualcomm WSA8840)
- (Qualcomm WSA8845)
- (Qualcomm WSA8845H)
- (Immersive Home 214 Platform)
- (Immersive Home 216 Platform)
- (Immersive Home 316 Platform)
- (Immersive Home 318 Platform)
- (Immersive Home 3210 Platform)
- (Immersive Home 326 Platform)
- (IPQ5010)
- (IPQ5028)
- (IPQ5332)
- (IPQ8070A)
- (IPQ8071A)
- (IPQ8072A)
- (IPQ8074A)
- (IPQ8076)
- (IPQ8076A)
- (IPQ8078)
- (IPQ8078A)
- (IPQ8173)
- (IPQ8174)
- (IPQ9554)
- (IPQ9570)
- (QCA0000)
- (QCA9889)
- (QCF8000)
- (QCF8001)
- (QCN5024)
- (QCN5124)
- (QCN5154)
- (QCN5164)
- (QCN6112)
- (QCN6122)
- (QCN6132)
- (QCN9100)
- (SA4155P)
- (SA8770P)
- (SDX65M)
- (Snapdragon X12 LTE Modem)
- (AR9380)
- (IPQ8065)
- (IPQ8068)
- (IPQ9008)
- (IPQ9574)
- (QCA6564AU)
- (QCA6574)
- (QCA6574A)
- (QCA6574AU)
- (QCA6584AU)
- (QCA6678AQ)
- (QCA9886)
- (QCA9888)
- (QCA9985)
- (QCA9990)
- (QCA9992)
- (QCA9994)
- (QCN5054)
- (QCN6100)
- (QCN6102)
- (QCN9001)
- (QCN9002)
- (QCN9003)
- (QCN9022)
- (IPQ5302)
- (IPQ5312)
- (IPQ8070)
- (FSM10055)
- (FSM10056)
- (PMP8074)
- (QCN6402)
- (QCN6412)
- (QCN6422)
- (QCN6432)
- (Qualcomm® Video Collaboration VC5 Platform)
- (Qualcomm Snapdragon 660 Mobile Platform)
- (Snapdragon 710 Mobile Platform)
- (Snapdragon 8 Gen 3 Mobile Platform)
- (Snapdragon Auto 5G Modem-RF Gen 2)
- (Snapdragon X35 5G Modem-RF System)
- (Snapdragon XR1 Platform)
- (SXR1120)
- (SA4150P)
- (SA8775P)
- (Qualcomm Snapdragon 820 Automotive Platform)
- (IPQ4018)
- (IPQ4028)
- (IPQ4029)
- (QCA9880)
- (QCA9898)
- (FSM20055)
- (FSM20056)
- (IPQ5300)
- (QAM8620P)
- (SA7775P)
- (SA8620P)
- (SA8650P)
- (SM6370)
- (Snapdragon X62 5G Modem-RF System)
- (Snapdragon X72 5G Modem-RF System)
- (SRV1H)
- (SRV1L)
- (SRV1M)
- (SXR2250P)
- (TalynPlus)
- (FastConnect 6700)
- (FastConnect 6900)
- (FastConnect 7800)
- (QCS4490)
- (QCM4490)
- (CSR8811)
- (IPQ6000)
- (IPQ6010)
- (IPQ6018)
- (IPQ6028)
- (QAM8255P)
- (QAM8295P)
- (QAM8650P)
- (QAM8775P)
- (QAMSRV1H)
- (QAMSRV1M)
- (QCA4024)
- (QCA6595)
- (QCA6595AU)
- (QCA6696)
- (QCA6698AQ)
- (QCA6797AQ)
- (QCA8075)
- (QCA8081)
- (QCA8082)
- (QCA8084)
- (QCA8085)
- (QCA8337)
- (QCA8386)
- (QCC710)
- (QCM5430)
- (QCM6490)
- (QCM8550)
- (QCN5022)
- (QCN5052)
- (QCN5122)
- (QCN5152)
- (QCN6023)
- (QCN6024)
- (QCN6224)
- (QCN6274)
- (QCN9000)
- (QCN9012)
- (QCN9024)
- (QCN9070)
- (QCN9072)
- (QCN9074)
- (QCN9274)
- (QCS410)
- (QCS5430)
- (QCS610)
- (QCS6490)
- (QCS8550)
- (QFW7114)
- (QFW7124)
- (SA6155P)
- (SA7255P)
- (SA8155P)
- (SA8255P)
- (SA8295P)
- (SA9000P)
- (FastConnect 6200)
- (FastConnect 6800)
- (Flight RB5 5G Platform)
- (QCA6174A)
- (QCA6391)
- (QCA6420)
- (QCA6426)
- (QCA6430)
- (QCA6436)
- (QCM2150)
- (QCM2290)
- (QCM4290)
- (QCM4325)
- (QCM6125)
- (QCN9011)
- (QCS2290)
- (QCS4290)
- (QCS6125)
- (QCS7230)
- (QCS8250)
- (QDU1000)
- (QDU1010)
- (QDU1110)
- (QDU1210)
- (QDX1010)
- (QDX1011)
- (QEP8111)
- (QRB5165M)
- (QRB5165N)
- (QRU1032)
- (QRU1052)
- (QRU1062)
- (QSM8350)
- (Robotics RB5 Platform)
- (SA6145P)
- (SA6150P)
- (SA6155)
- (SA8145P)
- (SA8150P)
- (SA8155)
- (QCA8072)
- (QCA9984)
- (APQ8064AU)
- (CSRB31024)
- (QCA6310)
- (QCA6335)
- (QCA6564A)
- (QCA9377)
- (MSM8996AU)
- (QCA6320)
- (QCA6564)
- (MDM9628)
- (QCA9367)
- (QCN5021)

Тип ПО

Микропрограммный код
Сетевое средство
Сетевое программное средство

Операционные системы и аппаратные платформы

Google Inc Android -

Уровень опасности уязвимости

Средний уровень опасности (базовая оценка CVSS 2.0 составляет 6,8)
Высокий уровень опасности (базовая оценка CVSS 3.0 составляет 7,8)

Возможные меры по устранению уязвимости

Использование рекомендаций:
Для продуктов Qualcomm Technologies, Inc.:
https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html
https://git.codelinaro.org/clo/la/kernel/msm-5.4/-/commit/b12e1634ab1e954ecd0577e75a12a7a4f4c108d6

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Данные уточняются

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

EPSS

Процентиль: 30%
0.00111
Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2024-23368

CVSS3: 7.8
nvd
больше 1 года назад

Memory corruption when allocating and accessing an entry in an SMEM partition.

github логотип

GHSA-xx3j-5qgj-ppv5

CVSS3: 7.8
github
больше 1 года назад

Memory corruption when allocating and accessing an entry in an SMEM partition.

EPSS

Процентиль: 30%
0.00111
Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2