CVE-2023-21666

8.4 HIGH

📋 TL;DR

CVE-2023-21666 is a memory corruption vulnerability in Qualcomm's Adreno GPU driver (KGSL) that allows attackers to access sensitive data from graphics memory pools. This affects Android devices with Qualcomm Adreno GPUs, potentially exposing user data and system information to malicious applications.

💻 Affected Systems

Products:
  • Qualcomm Adreno GPU
  • Android devices with Qualcomm chipsets
Versions: Multiple Adreno GPU driver versions prior to May 2023 patches
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with Qualcomm Adreno GPUs using the KGSL (Kernel Graphics Support Layer) driver. Specific chipset models include various Snapdragon processors.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise including privilege escalation, data exfiltration, and potential remote code execution on affected devices.

🟠 Likely Case

Information disclosure where malicious apps can read sensitive data from GPU memory, potentially exposing user credentials, encryption keys, or other protected information.

🟢 If Mitigated

Limited impact with proper app sandboxing and security controls, though some data leakage may still occur.

🌐 Internet-Facing: MEDIUM - Requires malicious app installation but can be distributed through app stores or sideloading.
🏢 Internal Only: MEDIUM - Similar risk profile as internet-facing since exploitation requires local app execution.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious application to be installed and executed on the target device. The vulnerability allows reading from graphics memory buffers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: May 2023 security updates and later

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin

Restart Required: Yes

Instructions:

1. Check for Android security updates from device manufacturer.
2. Install May 2023 or later security patches.
3. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict app installations

Only install apps from trusted sources like Google Play Store and disable unknown sources installation.

Update GPU drivers

Ensure Qualcomm GPU drivers are updated through system updates.

🧯 If You Can't Patch

  • Implement strict application allowlisting to prevent untrusted app execution
  • Use mobile device management (MDM) solutions to enforce security policies and monitor for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check the Android security patch level: Settings > About phone > Android version > Security patch level. If the date is before May 2023, the device is likely vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level is May 2023 or later and check that Qualcomm GPU drivers have been updated.
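
The check above can be scripted for several devices at once. The following is an added example, not part of the vendor advisory or this page's original content: it classifies the value returned by the getprop command against the May 2023 baseline. It assumes any May 2023 patch level counts as fixed; the function names and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): classify security patch levels
# against the "May 2023" baseline this page gives for CVE-2023-21666.

# Assumption: any May 2023 level counts as fixed, matching the page's wording.
BASELINE=20230501

# classify_patch_level LEVEL -> prints patched | vulnerable | unknown
classify_patch_level() {
    level=$(printf '%s' "$1" | tr -d '\r ')    # adb output may carry a trailing CR
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;           # empty or malformed property
    esac
    # YYYY-MM-DD with the dashes removed compares correctly as an integer.
    if [ "$(echo "$level" | sed 's/-//g')" -ge "$BASELINE" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

# audit_devices: report every device that adb lists in the "device" state.
audit_devices() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        # </dev/null keeps adb from swallowing the rest of the serial list.
        os=$(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null)
        printf '%s\t%s\t%s\n' "$serial" "$os" "$(classify_patch_level "$os")"
    done
}

# Constructed sample values, so the classifier can be exercised without a device.
demo() {
    for sample in 2023-04-05 2023-05-01 2024-01-05 ''; do
        printf '%-12s %s\n' "${sample:-<empty>}" "$(classify_patch_level "$sample")"
    done
}

if [ "${1:-}" = "audit" ]; then audit_devices; else demo; fi
```

Run it with the argument audit to query attached devices over adb; a result of unknown means the property was empty or malformed and the device needs a manual check.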

📡 Detection & Monitoring

Log Indicators:

  • Unusual GPU memory access patterns
  • Suspicious app behavior accessing graphics APIs

Network Indicators:

  • Unusual data exfiltration from mobile devices

SIEM Query:

source="android_logs" AND ("KGSL" OR "graphics_memory" OR "Adreno") AND ("access_violation" OR "memory_corruption")
