CVE-2023-22384 — MEDIUM (6.7)

Vulnerability Description

Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qualcomm	Qca6574Au Firmware	-
Qualcomm	Qca6574Au	-
Qualcomm	Qca6696 Firmware	-
Qualcomm	Qca6696	-
Qualcomm	Sa6145P Firmware	-
Qualcomm	Sa6145P	-
Qualcomm	Sa6150P Firmware	-
Qualcomm	Sa6150P	-
Qualcomm	Sa6155P Firmware	-
Qualcomm	Sa6155P	-
Qualcomm	Sa8145P Firmware	-
Qualcomm	Sa8145P	-
Qualcomm	Sa8150P Firmware	-
Qualcomm	Sa8150P	-
Qualcomm	Sa8155P Firmware	-
Qualcomm	Sa8155P	-
Qualcomm	Sa8195P Firmware	-
Qualcomm	Sa8195P	-

Related Weaknesses (CWE)

CWE-120 CWE-787

References

https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletiVendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletiVendor Advisory

FAQ

What is CVE-2023-22384?

CVE-2023-22384 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).

How severe is CVE-2023-22384?

CVE-2023-22384 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-22384?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Qca6574Au Firmware, Qualcomm Qca6574Au, Qualcomm Qca6696 Firmware, Qualcomm Qca6696, Qualcomm Sa6145P Firmware.