Vulnerability-Lookup

GHSA-5VHH-J7C8-8HJC

Vulnerability from github – Published: 2023-12-05 03:30 – Updated: 2023-12-05 03:30

Details

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.

Severity

6.7 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-28579"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-05T03:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.",
  "id": "GHSA-5vhh-j7c8-8hjc",
  "modified": "2023-12-05T03:30:22Z",
  "published": "2023-12-05T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28579"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2023-28579 (GCVE-0-2023-28579)

Vulnerability from cvelistv5 – Published: 2023-12-05 03:03 – Updated: 2024-10-10 19:53

Title

Buffer Copy Without Checking Size of Input in WLAN Host

Summary

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.

Severity

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

Assigner

qualcomm

References

1 reference

URL	Tags
https://www.qualcomm.com/company/product-security…

Impacted products

2 products

Vendor	Product	Version
Qualcomm, Inc.	Snapdragon	Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8295P Affected: QCA6391 Affected: QCA6574AU Affected: QCA6595AU Affected: QCA6696 Affected: QCS410 Affected: QCS610 Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: SW5100 Affected: SW5100P Affected: WCD9341 Affected: WCD9370 Affected: WCD9380 Affected: WCN3660B Affected: WCN3680B Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835
qualcomm	snapdragon	Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QAM8295P Affected: QCA6391 Affected: QCA6574AU Affected: QCA6595AU Affected: QCA6696 Affected: QCS410 Affected: QCS610 Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8295P Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: SW5100 Affected: SW5100P Affected: WCD9341 Affected: WCD9370 Affected: WCD9380 Affected: WCN3660B Affected: WCN3680B Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835 cpe:2.3:h:qualcomm:snapdragon::::::::

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:22.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:qualcomm:snapdragon:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon",
            "vendor": "qualcomm",
            "versions": [
              {
                "status": "affected",
                "version": "FastConnect 6900"
              },
              {
                "status": "affected",
                "version": "FastConnect 7800"
              },
              {
                "status": "affected",
                "version": "QAM8295P"
              },
              {
                "status": "affected",
                "version": "QCA6391"
              },
              {
                "status": "affected",
                "version": "QCA6574AU"
              },
              {
                "status": "affected",
                "version": "QCA6595AU"
              },
              {
                "status": "affected",
                "version": "QCA6696"
              },
              {
                "status": "affected",
                "version": "QCS410"
              },
              {
                "status": "affected",
                "version": "QCS610"
              },
              {
                "status": "affected",
                "version": "Qualcomm Video Collaboration VC1 Platform"
              },
              {
                "status": "affected",
                "version": "Qualcomm Video Collaboration VC3 Platform"
              },
              {
                "status": "affected",
                "version": "SA6145P"
              },
              {
                "status": "affected",
                "version": "SA6150P"
              },
              {
                "status": "affected",
                "version": "SA6155P"
              },
              {
                "status": "affected",
                "version": "SA8145P"
              },
              {
                "status": "affected",
                "version": "SA8150P"
              },
              {
                "status": "affected",
                "version": "SA8155P"
              },
              {
                "status": "affected",
                "version": "SA8195P"
              },
              {
                "status": "affected",
                "version": "SA8295P"
              },
              {
                "status": "affected",
                "version": "Snapdragon 8 Gen 1 Mobile Platform"
              },
              {
                "status": "affected",
                "version": "SW5100"
              },
              {
                "status": "affected",
                "version": "SW5100P"
              },
              {
                "status": "affected",
                "version": "WCD9341"
              },
              {
                "status": "affected",
                "version": "WCD9370"
              },
              {
                "status": "affected",
                "version": "WCD9380"
              },
              {
                "status": "affected",
                "version": "WCN3660B"
              },
              {
                "status": "affected",
                "version": "WCN3680B"
              },
              {
                "status": "affected",
                "version": "WCN3950"
              },
              {
                "status": "affected",
                "version": "WCN3980"
              },
              {
                "status": "affected",
                "version": "WCN3988"
              },
              {
                "status": "affected",
                "version": "WSA8810"
              },
              {
                "status": "affected",
                "version": "WSA8815"
              },
              {
                "status": "affected",
                "version": "WSA8830"
              },
              {
                "status": "affected",
                "version": "WSA8835"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28579",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-08T05:00:38.210901Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-10T19:53:32.174Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCS410"
            },
            {
              "status": "affected",
              "version": "QCS610"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC1 Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC3 Platform"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCN3660B"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-12T16:10:48.344Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin"
        }
      ],
      "title": "Buffer Copy Without Checking Size of Input in WLAN Host"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2023-28579",
    "datePublished": "2023-12-05T03:03:51.357Z",
    "dateReserved": "2023-03-17T11:41:45.852Z",
    "dateUpdated": "2024-10-10T19:53:32.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-5VHH-J7C8-8HJC

CVE-2023-28579 (GCVE-0-2023-28579)

Tags

Sightings

Nomenclature