CVE-2023-28574

nvd nist

Published: Nov 7, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Memory corruption in core services when Diag handler receives a command to configure event listeners.

Affected (78)

Products: Qualcomm: Ar8035 Firmware, Wcn6750 Firmware, Wcn685x 5 Firmware, Wcn685x 1 Firmware, Wcn785x 1 Firmware, Wcn785x 5 Firmware, Qam8255p Firmware, Qam8650p Firmware, Qam8775p Firmware, Qamsrv1h Firmware, Qca6310 Firmware, Qca6320 Firmware, Qca6595 Firmware, Qca6595au Firmware, Qca6696 Firmware, Qca6698aq Firmware, Qca6797aq Firmware, Qca8081 Firmware, Qca8337 Firmware, Qcc710 Firmware, Qcm4490 Firmware, Qcm8550 Firmware, Qcn6024 Firmware, Qcn6224 Firmware, Qcn6274 Firmware, Qcn9024 Firmware, Qcs4490 Firmware, Qcs8550 Firmware, Qdu1000 Firmware, Qdu1010 Firmware, Qdu1110 Firmware, Qdu1210 Firmware, Qdx1010 Firmware, Qdx1011 Firmware, Qfw7114 Firmware, Qfw7124 Firmware, Qru1032 Firmware, Qru1052 Firmware, Qru1062 Firmware, Sa8255p Firmware, Sa8650p Firmware, Sa9000p Firmware, Sc8380xp Firmware, Sd835 Firmware, Sg8275p Firmware, Sm8550p Firmware, Snapdragon 4 Gen 2 Mobile Platform Firmware, Snapdragon 8+ Gen 2 Mobile Platform Firmware, Snapdragon 835 Mobile Pc Platform Firmware, Snapdragon Ar2 Gen 1 Platform Firmware, Snapdragon X65 5g Modem Rf System Firmware, Snapdragon X70 Modem Rf System Firmware, Snapdragon X75 5g Modem Rf System Firmware, Srv1h Firmware, Ssg2115p Firmware, Ssg2125p Firmware, Sxr1230p Firmware, Sxr2230p Firmware, Wcd9335 Firmware, Wcd9340 Firmware, Wcd9341 Firmware, Wcd9370 Firmware, Wcd9380 Firmware, Wcd9385 Firmware, Wcd9390 Firmware, Wcd9395 Firmware, Wcn3950 Firmware, Wcn3988 Firmware, Wcn3990 Firmware, Wsa8810 Firmware, Wsa8815 Firmware, Wsa8830 Firmware, Wsa8832 Firmware, Wsa8835 Firmware, Wsa8840 Firmware, Wsa8845 Firmware, Wsa8845h Firmware

77 products

Snapdragon 4 Gen 2 Mobile Platform Firmware

Snapdragon 8+ Gen 2 Mobile Platform Firmware

Snapdragon 835 Mobile Pc Platform Firmware

Snapdragon Ar2 Gen 1 Platform Firmware

Snapdragon X65 5g Modem Rf System Firmware

Snapdragon X70 Modem Rf System Firmware

Snapdragon X75 5g Modem Rf System Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8035 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8035	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6750 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6750	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 5	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn685x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn685x 1	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 1	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn785x 5 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn785x 5	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8255p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8255p	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8650p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8650p	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8775p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8775p	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qamsrv1h Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qamsrv1h	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6310 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6310	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6320 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6320	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6595 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6595	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6595au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6595au	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6696 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6696	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6698aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6698aq	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6797aq Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6797aq	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8081 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8081	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcc710 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcc710	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcm4490 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcm4490	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcm8550 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcm8550	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6024 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6024	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6224 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6224	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6274 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6274	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn9024 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn9024	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs4490 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs4490	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs8550 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs8550	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdu1000 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdu1000	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdu1010 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdu1010	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdu1110 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdu1110	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdu1210 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdu1210	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdx1010 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdx1010	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qdx1011 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qdx1011	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7114 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7114	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7124 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7124	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qru1032 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qru1032	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qru1052 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qru1052	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qru1062 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qru1062	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8255p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8255p	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8650p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8650p	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa9000p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa9000p	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8380xp Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8380xp	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd835	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sg8275p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sg8275p	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm8550p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm8550p	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 4 Gen 2 Mobile Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 4 Gen 2 Mobile Platform	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 8 Gen 2 Mobile Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 8 Gen 2 Mobile Platform	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 8+ Gen 2 Mobile Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 8+ Gen 2 Mobile Platform	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 835 Mobile Pc Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 835 Mobile Pc Platform	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Ar2 Gen 1 Platform Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Ar2 Gen 1 Platform	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X65 5g Modem Rf System Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X65 5g Modem Rf System	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X70 Modem Rf System Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X70 Modem Rf System	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X75 5g Modem Rf System Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X75 5g Modem Rf System	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Srv1h Firmware	All versions

Running on/with	Platform Versions
Qualcomm Srv1h	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ssg2115p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ssg2115p	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ssg2125p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ssg2125p	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr1230p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr1230p	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr2230p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr2230p	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9335 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9335	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9370 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9370	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9385 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9385	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9390 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9390	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9395 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9395	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3950 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3950	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3988 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3988	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3990 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3990	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8832 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8832	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8840 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8840	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8845	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8845h Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8845h	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.