CVE-2023-43513

HIGH

Qualcomm Modem and Networking Firmware - Memory Corruption

Title source: llm

Description

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin

Scores

CVSS v3 7.8

EPSS 0.0005

EPSS Percentile 16.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-823 CWE-787

Status published

Products (50)

qualcomm/315_5g_iot_modem_firmware

qualcomm/apq8017_firmware

qualcomm/aqt1000_firmware

qualcomm/ar8031_firmware

qualcomm/ar8035_firmware

qualcomm/c-v2x_9150_firmware

qualcomm/csra6620_firmware

qualcomm/csra6640_firmware

qualcomm/csrb31024_firmware

qualcomm/fastconnect_6200_firmware

... and 40 more

Published Feb 06, 2024

Tracked Since Feb 18, 2026