CVE-2023-28571

Summary

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAPQ8064AUaffected
Qualcomm, Inc.SnapdragonCSRB31024affected
Qualcomm, Inc.SnapdragonFastConnect 6800affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonMDM9650affected
Qualcomm, Inc.SnapdragonMSM8996AUaffected
Qualcomm, Inc.SnapdragonQAM8255Paffected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQCA6175Aaffected
Qualcomm, Inc.SnapdragonQCA6310affected
Qualcomm, Inc.SnapdragonQCA6320affected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6421affected
Qualcomm, Inc.SnapdragonQCA6426affected
Qualcomm, Inc.SnapdragonQCA6431affected
Qualcomm, Inc.SnapdragonQCA6436affected
Qualcomm, Inc.SnapdragonQCA6554Aaffected
Qualcomm, Inc.SnapdragonQCA6564Aaffected
Qualcomm, Inc.SnapdragonQCA6564AUaffected
Qualcomm, Inc.SnapdragonQCA6574affected
Qualcomm, Inc.SnapdragonQCA6574Aaffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6584AUaffected
Qualcomm, Inc.SnapdragonQCA6595affected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA6678AQaffected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA6797AQaffected
Qualcomm, Inc.SnapdragonQCC2073affected
Qualcomm, Inc.SnapdragonQCC2076affected
Qualcomm, Inc.SnapdragonQCN9074affected
Qualcomm, Inc.SnapdragonQCS410affected
Qualcomm, Inc.SnapdragonQCS610affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC1 Platformaffected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC3 Platformaffected
Qualcomm, Inc.SnapdragonSA6145Paffected
Qualcomm, Inc.SnapdragonSA6150Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8145Paffected
Qualcomm, Inc.SnapdragonSA8150Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSA8255Paffected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSD835affected
Qualcomm, Inc.SnapdragonSD865 5Gaffected
Qualcomm, Inc.SnapdragonSM8550Paffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8+ Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 820 Automotive Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 835 Mobile PC Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 865 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 865+ 5G Mobile Platform (SM8250-AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 870 5G Mobile Platform (SM8250-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RFaffected
Qualcomm, Inc.SnapdragonSnapdragon W5+ Gen 1 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon X55 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon XR2 5G Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Auto 4G Modemaffected
Qualcomm, Inc.SnapdragonSW5100affected
Qualcomm, Inc.SnapdragonSW5100Paffected
Qualcomm, Inc.SnapdragonSXR2130affected
Qualcomm, Inc.SnapdragonWCD9335affected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCD9390affected
Qualcomm, Inc.SnapdragonWCD9395affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN3990affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References