CVE-2023-43515

CVE Database · CVE-2023-43515

· MEDIUMAnalyzed

CVSS v3.1

6.6

EPSS

0.11%

Published

Apr 1, 2024

Modified

Jan 13, 2025

Public PoC / Exploit (1)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Weaknesses (CWE)

CWE-120CWE-120

Affected Products (12)

qualcomm · fastconnect_6900_firmwarevulnerable

qualcomm · fastconnect_6900

qualcomm · fastconnect_7800_firmwarevulnerable

qualcomm · fastconnect_7800

qualcomm · snapdragon_8_gen_1_mobile_firmwarevulnerable

qualcomm · snapdragon_8_gen_1_mobile

qualcomm · wcd9380_firmwarevulnerable

qualcomm · wcd9380

qualcomm · wsa8830_firmwarevulnerable

qualcomm · wsa8830

qualcomm · wsa8835_firmwarevulnerable

References (2)

PatchVendor Advisory

PatchVendor Advisory