Vulnerabilities > CVE-2023-43535 - Improper Validation of Array Index vulnerability in Qualcomm products

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2024-02-06

Updated: 2024-04-12

Summary

Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger.

Part	Description	Count
OS	Qualcomm Qualcomm Fastconnect 6700 Firmware - Qualcomm Fastconnect 6900 Firmware - Qualcomm Fastconnect 7800 Firmware - Qualcomm Sc8380Xp Firmware - Qualcomm Snapdragon 7C+ GEN 3 Compute Firmware - Qualcomm Snapdragon 8CX GEN 3 Compute Platform Firmware - Qualcomm Wcd9380 Firmware - Qualcomm Wcd9385 Firmware - Qualcomm Wsa8830 Firmware - Qualcomm Wsa8835 Firmware - Qualcomm Wsa8840 Firmware - Qualcomm Wsa8845 Firmware - Qualcomm Wsa8845H Firmware -	13
Hardware	Qualcomm Qualcomm Fastconnect 6700 - Qualcomm Fastconnect 6900 - Qualcomm Fastconnect 7800 - Qualcomm Sc8380Xp - Qualcomm Snapdragon 7C+ GEN 3 Compute - Qualcomm Snapdragon 8CX GEN 3 Compute Platform - Qualcomm Wcd9380 - Qualcomm Wcd9385 - Qualcomm Wsa8830 - Qualcomm Wsa8835 - Qualcomm Wsa8840 - Qualcomm Wsa8845 - Qualcomm Wsa8845H -	13

Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.