gsd-2023-28581
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2023-28581", "id": "GSD-2023-28581" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-28581" ], "details": "Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.", "id": "GSD-2023-28581", "modified": "2023-12-13T01:20:47.253159Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2023-28581", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Snapdragon", "version": { "version_data": [ { "version_affected": "=", "version_value": "FastConnect 6800" }, { "version_affected": "=", "version_value": "FastConnect 6900" }, { "version_affected": "=", "version_value": "FastConnect 7800" }, { "version_affected": "=", "version_value": "QCA6391" }, { "version_affected": "=", "version_value": "QCA6426" }, { "version_affected": "=", "version_value": "QCA6436" }, { "version_affected": "=", "version_value": "SD 8 Gen1 5G" }, { "version_affected": "=", "version_value": "SD865 5G" }, { "version_affected": "=", "version_value": "Snapdragon 8 Gen 1 Mobile Platform" }, { "version_affected": "=", "version_value": "Snapdragon 865 5G Mobile Platform" }, { "version_affected": "=", "version_value": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "version_affected": "=", "version_value": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "version_affected": "=", "version_value": "Snapdragon AR2 Gen 1 Platform" }, { "version_affected": "=", "version_value": "Snapdragon XR2 5G Platform" }, { "version_affected": "=", "version_value": "SSG2115P" }, { "version_affected": "=", "version_value": "SSG2125P" }, { "version_affected": "=", "version_value": "SXR1230P" }, { "version_affected": "=", "version_value": "SXR2230P" }, { "version_affected": "=", "version_value": "WCD9380" }, { "version_affected": "=", "version_value": "WCD9385" }, { "version_affected": "=", "version_value": "WCN6740" }, { "version_affected": "=", "version_value": "WSA8810" }, { "version_affected": "=", "version_value": "WSA8815" }, { "version_affected": "=", "version_value": "WSA8830" }, { "version_affected": "=", "version_value": "WSA8832" }, { "version_affected": "=", "version_value": "WSA8835" } ] } } ] }, "vendor_name": "Qualcomm, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE." } ] }, "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-119", "lang": "eng", "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin", "refsource": "MISC", "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ] } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D89F035A-2388-48FC-AEBB-8429C6880F4A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA13EF4E-AAE6-45F4-9E41-78310E37CE81", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A344E78F-D15A-460E-8EF8-7C6FC39F2D5E", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FF5EC23-4884-4C2B-8E77-50B1E8E28A3D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "04F574BC-9AB2-4B83-A466-556ECEBBD3DF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*", "matchCriteriaId": "A34D021D-C043-4EFD-9AB3-B2174528CBA3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "76910884-45D9-4EA2-BA30-44A8C7CC1339", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*", "matchCriteriaId": "33D393A6-4586-4416-86EB-F9D86DC3DED8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*", "matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_865_5g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "713B1CB7-985F-49F4-A5A7-23DFD0F4EA04", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_865_5g:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D7467AE-2EC2-4D9C-9D9C-83BAE7AE48CD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_865\\+_5g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F15FC88-6366-4210-A949-75A3890476B2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_865\\+_5g:-:*:*:*:*:*:*:*", "matchCriteriaId": "711C5A1C-F67B-4BE2-BFE7-C86E716F85E2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_870_5g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6D89373-04BA-4DD4-A0D0-A45AF93FA7AB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_870_5g:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE485ADB-9A68-41AE-BBA8-242AC27263DD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BB4A33E-6647-447E-BDA3-24246D49C5DD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar2_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "1046CC3E-FB12-4527-9978-DCC40EEE8938", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "665811D8-F648-4F32-A375-FAF9C9E928B3", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A537932-6EAD-411B-83FF-48CF050F603A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A146E52D-4AFC-47B4-920F-DAC76077DF25", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:ssg2115p:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BA4BA00-C8D1-4DAC-8030-CB5EEC7D4591", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA41907C-1CDE-42F3-B21D-5D53B2F06AF7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:ssg2125p:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDC270A7-205C-41EB-A2E5-2A381A16BFBB", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE3236D6-0D01-4D05-B580-8888B99BAA5D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:sxr1230p:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E1753FC-F3CD-4B50-886D-8E16D9301A84", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB5DB2B8-25E1-4C0F-8AFB-7627FF9A04E1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BB21B3F-6D07-4B45-8A71-DC5490176296", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "descriptions": [ { "lang": "en", "value": "Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE." }, { "lang": "es", "value": "Corrupci\u00f3n de la memoria en el WLAN Firmware mientras analiza claves GTK recibidas en GTK KDE." } ], "id": "CVE-2023-28581", "lastModified": "2024-04-12T17:17:12.083", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "product-security@qualcomm.com", "type": "Secondary" } ] }, "published": "2023-09-05T07:15:14.247", "references": [ { "source": "product-security@qualcomm.com", "tags": [ "Vendor Advisory" ], "url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin" } ], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "product-security@qualcomm.com", "type": "Secondary" } ] } } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.