CVE-2023-28577
MEDIUM
Published 2023-08-08T09:15:07.162Z
Actions:
CVSS Score
V3.1
6.7
/10
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A
Impact: N/A
EPSS Score
v2023.03.01
0.000
probability
of exploitation in the wild
There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.
Updated: 2025-01-25
Exploit Probability
Percentile: 0.114
Higher than 11.4% of all CVEs
Attack Vector Metrics
Impact Metrics
Description
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel address.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
FastConnect 6800
FastConnect 6900
FastConnect 7800
QCA6391
QCA6426
QCA6436
QCN9074
QCS410
QCS610
SD865 5G
Snapdragon 8 Gen 1 Mobile Platform
Snapdragon 865 5G Mobile Platform
Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
Snapdragon 870 5G Mobile Platform (SM8250-AC)
Snapdragon X55 5G Modem-RF System
Snapdragon XR2 5G Platform
SW5100
SW5100P
SXR2130
WCD9341
WCD9370
WCD9380
WCN3660B
WCN3680B
WCN3950
WCN3980
WCN3988
WSA8810
WSA8815
WSA8830
WSA8835
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Published: 2023-08-08T09:15:07.162Z
Last Modified: 2024-08-02T13:43:23.051Z
Copied to clipboard!