CVE-2023-22387 Use of Out-of-range Pointer Offset in Qualcomm IPC (4th July 2023)

Preface: Gunyah is a Type-1 hypervisor designed for strong security, performance and modularity. Independent of any high-level OS kernel, Gunyah runs in a higher CPU privilege level, and does not depend on any lower-privileged OS kernel/code for its core functionality.

Background: Gunyah is a product of Qualcomm Innovation Center, Inc. It is an open-source type-1 hypervisor developed by Qualcomm with an emphasis on security among other features.
There are two types of process:

  • Independent processes – processes that do not share data with other processes.
  • Cooperating processes – processes that share data with other processes.
    Inter-process communication (IPC) is the mechanism by which cooperating processes share data and information. One such mechanism is shared memory:
  • Shared memory: a particular region of memory is shared between cooperating processes.
  • Cooperating processes exchange information by reading and writing data in this shared region.
  • It is faster than message passing, because the kernel is involved only once, to set up the shared memory; after that, no kernel assistance is required.

Vulnerability details: An arbitrary memory overwrite in the TX (transmit) write path when a VM is compromised, leading to memory corruption on the other side of the IPC boundary.
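The advisory gives no code, so the following C sketch is an added illustration rather than Gunyah's implementation or the exact defect behind CVE-2023-22387. It models the general shape of an out-of-range pointer offset in a shared-memory TX write: a receiver copies guest data into a shared region at an offset and length the guest supplied, and if those values are trusted, a compromised VM can steer the write past the region. The region layout, the `tx_write_*` functions and the guard bytes are all constructed for the example; the hardened variant shows the bounds check written so it cannot wrap on `size_t` overflow.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical shared-memory TX region (constructed for this example,
 * not a Gunyah data structure). The guard bytes stand in for whatever
 * memory happens to follow the shared region. */
#define TX_REGION_SIZE 256

typedef struct {
    uint8_t buf[TX_REGION_SIZE];  /* region shared with the guest VM */
    uint8_t guard[16];            /* must never be written by a TX */
} tx_region_t;

typedef enum { TX_OK = 0, TX_ERR_RANGE = 1 } tx_status_t;

/* Vulnerable pattern: offset and len arrive across the VM boundary and
 * are used to form the destination pointer without validation. A
 * compromised guest can make buf + offset point past the region. */
tx_status_t tx_write_unchecked(tx_region_t *r, size_t offset,
                               const uint8_t *data, size_t len) {
    memcpy(r->buf + offset, data, len);
    return TX_OK;
}

/* Hardened pattern: validate before the pointer is formed. The test is
 * phrased as `offset > SIZE || len > SIZE - offset` rather than
 * `offset + len > SIZE`, because the sum could wrap around and pass. */
tx_status_t tx_write_checked(tx_region_t *r, size_t offset,
                             const uint8_t *data, size_t len) {
    if (offset > TX_REGION_SIZE || len > TX_REGION_SIZE - offset)
        return TX_ERR_RANGE;
    memcpy(r->buf + offset, data, len);
    return TX_OK;
}

void region_init(tx_region_t *r) {
    memset(r->buf, 0, sizeof r->buf);
    memset(r->guard, 0xAA, sizeof r->guard);
}

/* True if nothing has been written past the end of the shared buffer. */
bool guard_intact(const tx_region_t *r) {
    for (size_t i = 0; i < sizeof r->guard; i++)
        if (r->guard[i] != 0xAA) return false;
    return true;
}

/* Scenario helpers: attempt a checked write with guest-supplied values
 * and report whether it was accepted/rejected with the guard untouched. */
bool checked_write_accepts(size_t offset, size_t len) {
    tx_region_t r;
    uint8_t data[TX_REGION_SIZE] = {0};
    region_init(&r);
    tx_status_t s = tx_write_checked(&r, offset, data, len);
    return s == TX_OK && guard_intact(&r);
}

bool checked_write_rejects(size_t offset, size_t len) {
    tx_region_t r;
    uint8_t data[TX_REGION_SIZE] = {0};
    region_init(&r);
    tx_status_t s = tx_write_checked(&r, offset, data, len);
    return s == TX_ERR_RANGE && guard_intact(&r);
}

int main(void) {
    /* Constructed sample message, as a cooperating VM would send it. */
    const uint8_t msg[32] = "constructed sample message";
    tx_region_t r;

    region_init(&r);
    tx_write_checked(&r, 0, msg, sizeof msg);
    printf("in-range checked write:  guard %s\n",
           guard_intact(&r) ? "intact" : "CLOBBERED");

    region_init(&r);
    tx_status_t s = tx_write_checked(&r, TX_REGION_SIZE - 8, msg, sizeof msg);
    printf("out-of-range checked write: status %d, guard %s\n", (int)s,
           guard_intact(&r) ? "intact" : "CLOBBERED");
    return 0;
}
```

The unchecked variant is kept only to show the pattern side by side; a receiver that trusts an offset from a less-privileged VM has effectively handed that VM a write primitive into whatever follows the region, which is the failure mode the CWE name ("use of out-of-range pointer offset") describes.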

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-22387
