CVE-2023-28555

Summary

Transient DOS in Audio while remapping channel buffer in media codec decoding.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8035affected
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6700affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonMDM9628affected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQCA6564Aaffected
Qualcomm, Inc.SnapdragonQCA6564AUaffected
Qualcomm, Inc.SnapdragonQCA6574affected
Qualcomm, Inc.SnapdragonQCA6574Aaffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA8081affected
Qualcomm, Inc.SnapdragonQCA8337affected
Qualcomm, Inc.SnapdragonQCM4325affected
Qualcomm, Inc.SnapdragonQCM4490affected
Qualcomm, Inc.SnapdragonQCN6024affected
Qualcomm, Inc.SnapdragonQCN9024affected
Qualcomm, Inc.SnapdragonQCS4490affected
Qualcomm, Inc.SnapdragonSA4150Paffected
Qualcomm, Inc.SnapdragonSA4155Paffected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSD 8 Gen1 5Gaffected
Qualcomm, Inc.SnapdragonSD865 5Gaffected
Qualcomm, Inc.SnapdragonSDX55affected
Qualcomm, Inc.SnapdragonSG4150Paffected
Qualcomm, Inc.SnapdragonSM4450affected
Qualcomm, Inc.SnapdragonSnapdragon 4 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480+ 5G Mobile Platform (SM4350-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 680 4G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 685 4G Mobile Platform (SM6225-AD)affected
Qualcomm, Inc.SnapdragonSnapdragon 695 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8+ Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 888 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 888+ 5G Mobile Platform (SM8350-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon AR2 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RFaffected
Qualcomm, Inc.SnapdragonSnapdragon W5+ Gen 1 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X65 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon XR2 5G Platformaffected
Qualcomm, Inc.SnapdragonSSG2115Paffected
Qualcomm, Inc.SnapdragonSSG2125Paffected
Qualcomm, Inc.SnapdragonSW5100affected
Qualcomm, Inc.SnapdragonSW5100Paffected
Qualcomm, Inc.SnapdragonSXR1230Paffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN6740affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References