Lucene search
HistoryAug 08, 2023 - 10:15 a.m.
CVE-2023-28576
cve-2023-28576
buffer
kernel apis
unauthorized access
modification
out-of-bounds
nvd
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to out-of-bounds read/write issues.
Affected configurations
Node
qualcommfastconnect_6800_firmwareMatch-
qualcommfastconnect_6800Match-
Node
qualcommfastconnect_6900_firmwareMatch-
qualcommfastconnect_6900Match-
Node
qualcommfastconnect_7800_firmwareMatch-
qualcommfastconnect_7800Match-
Node
qualcommqca6391_firmwareMatch-
qualcommqca6391Match-
Node
qualcommqca6426_firmwareMatch-
qualcommqca6426Match-
Node
qualcommqca6436_firmwareMatch-
qualcommqca6436Match-
Node
qualcommqcn9074_firmwareMatch-
qualcommqcn9074Match-
Node
qualcommqcs410_firmwareMatch-
qualcommqcs410Match-
Node
qualcommqcs610_firmwareMatch-
qualcommqcs610Match-
Node
qualcommsd865_5g_firmwareMatch-
qualcommsd865_5gMatch-
Node
qualcommsnapdragon_8_gen_1_firmwareMatch-
qualcommsnapdragon_8_gen_1Match-
Node
qualcommsnapdragon_865_5g_firmwareMatch-
qualcommsnapdragon_865_5gMatch-
Node
qualcommsnapdragon_865\+_5g_firmwareMatch-
qualcommsnapdragon_865\+_5gMatch-
Node
qualcommsnapdragon_870_5g_firmwareMatch-
qualcommsnapdragon_870_5gMatch-
Node
qualcommsnapdragon_x55_5g_firmwareMatch-
qualcommsnapdragon_x55_5gMatch-
Node
qualcommsnapdragon_xr2_5g_firmwareMatch-
qualcommsnapdragon_xr2_5gMatch-
Node
qualcommsw5100Match-
qualcommsw5100_firmwareMatch-
Node
qualcommsw5100pMatch-
qualcommsw5100p_firmwareMatch-
Node
qualcommsxr2130Match-
qualcommsxr2130_firmwareMatch-
Node
qualcommwcd9341Match-
qualcommwcd9341_firmwareMatch-
Node
qualcommwcd9370Match-
qualcommwcd9370_firmwareMatch-
Node
qualcommwcd9380Match-
qualcommwcd9380_firmwareMatch-
Node
qualcommwcn3660bMatch-
qualcommwcn3660b_firmwareMatch-
Node
qualcommwcn3680bMatch-
qualcommwcn3680b_firmwareMatch-
Node
qualcommwcn3950Match-
qualcommwcn3950_firmwareMatch-
Node
qualcommwcn3980Match-
qualcommwcn3980_firmwareMatch-
Node
qualcommwcn3988Match-
qualcommwcn3988_firmwareMatch-
Node
qualcommwsa8810Match-
qualcommwsa8810_firmwareMatch-
Node
qualcommwsa8815_firmwareMatch-
qualcommwsa8815Match-
Node
qualcommwsa8830_firmwareMatch-
qualcommwsa8830Match-
Node
qualcommwsa8835_firmwareMatch-
qualcommwsa8835Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| qualcomm:fastconnect_6800_firmware | qualcomm fastconnect 6800 firmware | eq | - |
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon Mobile",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCN9074"
},
{
"status": "affected",
"version": "QCS410"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
},
{
"status": "affected",
"version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
},
{
"status": "affected",
"version": "Snapdragon X55 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon XR2 5G Platform"
},
{
"status": "affected",
"version": "SW5100"
},
{
"status": "affected",
"version": "SW5100P"
},
{
"status": "affected",
"version": "SXR2130"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8835"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2023-28576
2023-08-08 10:15:14
prion
prion
Out-of-bounds
2023-08-08 10:15:00
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Related for CVE-2023-28576