What is the severity of CVE-2023-28583?

CVE-2023-28583 is classified with a significant severity due to the potential for memory corruption.

How do I fix CVE-2023-28583?

To fix CVE-2023-28583, ensure that you apply the latest firmware updates provided by Qualcomm for affected devices.

Which devices are affected by CVE-2023-28583?

CVE-2023-28583 affects various Qualcomm firmware implementations, including aqt1000, fastconnect 6200, qca6420, qca6430, qca6574au, and more.

What type of vulnerability is CVE-2023-28583?

CVE-2023-28583 is a memory corruption vulnerability that occurs when an IPv6 prefix timer object's lifetime expires.

When was CVE-2023-28583 disclosed?

CVE-2023-28583 was disclosed in the January 2024 Qualcomm security bulletin.

Vulnerability/
CVE-2023-28583

high

7.8

CWE

415

2/1/2024

12/4/2024

CVE-2023-28583: Double Free in Data Network Stack & Connectivity

First published: Tue Jan 02 2024(Updated: )

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
Qualcomm AQT1000 Firmware
Qualcomm AQT1000 Firmware
All of
Qualcomm FastConnect 6200
Qualcomm FastConnect 6200 Firmware
All of
Qualcomm QCA6420 Firmware
Qualcomm QCA6420 Firmware
All of
Qualcomm QCA6430 firmware
Qualcomm QCA6430 firmware
All of
Qualcomm QCA6574 Firmware
Qualcomm QCA6574AU
All of
Qualcomm QCA6696 Firmware
Qualcomm QCA6696 Firmware
All of
Qualcomm SA6145P Firmware
Qualcomm SA6145P Firmware
All of
Qualcomm SA6150P Firmware
Qualcomm SA6150P Firmware
All of
Qualcomm SA6155
Qualcomm SA6155P
All of
Qualcomm SA8145P
Qualcomm SA8145P Firmware
All of
Qualcomm SA8150P Firmware
Qualcomm SA8150P Firmware
All of
Qualcomm SA8155
Qualcomm SA8155P Firmware
All of
Qualcomm SA8195P
Qualcomm SA8195P Firmware
All of
Qualcomm Snapdragon 855
Qualcomm Snapdragon 855
All of
Qualcomm Snapdragon 855 Mobile Platform Firmware
Qualcomm Snapdragon 855 Mobile Platform Firmware
All of
Qualcomm Snapdragon 855+ / 860 Mobile Platform Firmware
Qualcomm Snapdragon 855+/860 Mobile Platform
All of
Qualcomm Snapdragon W5+ Gen 1 Wearable Platform Firmware
Qualcomm Snapdragon W5+ Gen 1 Wearable Platform
All of
Qualcomm Snapdragon Wear 4100+ Platform Firmware
Qualcomm Snapdragon Wear 4100+ Platform
All of
Qualcomm SW5100P
Qualcomm SW5100P
All of
Qualcomm SW5100 Firmware
Qualcomm SW5100 Firmware
All of
Qualcomm WCD9341
Qualcomm WCD9341 Firmware
All of
Qualcomm WCN3610 Firmware
Qualcomm WCN3610 Firmware
All of
Qualcomm WCN3660B
Qualcomm WCN3660B Firmware
All of
Qualcomm WCN3680B Firmware
Qualcomm WCN3680B Firmware
All of
Qualcomm Wcn3980
Qualcomm WCN3980
All of
Qualcomm WCN3988 Firmware
Qualcomm WCN3988 Firmware
All of
Qualcomm WSA8810
Qualcomm WSA8810 Firmware
All of
Qualcomm WSA8815 Firmware
Qualcomm WSA8815 Firmware
All of
Qualcomm WSA8830
Qualcomm WSA8830
All of
Qualcomm WSA8835
Qualcomm WSA8835 Firmware

Never miss a vulnerability like this again

Reference Links

https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin

Frequently Asked Questions

What is the severity of CVE-2023-28583?
CVE-2023-28583 is classified with a significant severity due to the potential for memory corruption.
How do I fix CVE-2023-28583?
To fix CVE-2023-28583, ensure that you apply the latest firmware updates provided by Qualcomm for affected devices.
Which devices are affected by CVE-2023-28583?
CVE-2023-28583 affects various Qualcomm firmware implementations, including aqt1000, fastconnect 6200, qca6420, qca6430, qca6574au, and more.
What type of vulnerability is CVE-2023-28583?
CVE-2023-28583 is a memory corruption vulnerability that occurs when an IPv6 prefix timer object's lifetime expires.
When was CVE-2023-28583 disclosed?
CVE-2023-28583 was disclosed in the January 2024 Qualcomm security bulletin.

agent/type
agent/first-publish-date
agent/references
agent/weakness
agent/author
agent/severity
agent/title
collector/mitre-cve
source/MITRE
agent/description
agent/event
agent/last-modified-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/qualcomm
canonical/qualcomm aqt1000 firmware
canonical/qualcomm fastconnect 6200
canonical/qualcomm fastconnect 6200 firmware
canonical/qualcomm qca6420 firmware
canonical/qualcomm qca6430 firmware
canonical/qualcomm qca6574 firmware
canonical/qualcomm qca6574au
canonical/qualcomm qca6696 firmware
canonical/qualcomm sa6145p firmware
canonical/qualcomm sa6150p firmware
canonical/qualcomm sa6155
canonical/qualcomm sa6155p
canonical/qualcomm sa8145p
canonical/qualcomm sa8145p firmware
canonical/qualcomm sa8150p firmware
canonical/qualcomm sa8155
canonical/qualcomm sa8155p firmware
canonical/qualcomm sa8195p
canonical/qualcomm sa8195p firmware
canonical/qualcomm snapdragon 855
canonical/qualcomm snapdragon 855 mobile platform firmware
canonical/qualcomm snapdragon 855+ / 860 mobile platform firmware
canonical/qualcomm snapdragon 855+/860 mobile platform
canonical/qualcomm snapdragon w5+ gen 1 wearable platform firmware
canonical/qualcomm snapdragon w5+ gen 1 wearable platform
canonical/qualcomm snapdragon wear 4100+ platform firmware
canonical/qualcomm snapdragon wear 4100+ platform
canonical/qualcomm sw5100p
canonical/qualcomm sw5100 firmware
canonical/qualcomm wcd9341
canonical/qualcomm wcd9341 firmware
canonical/qualcomm wcn3610 firmware
canonical/qualcomm wcn3660b
canonical/qualcomm wcn3660b firmware
canonical/qualcomm wcn3680b firmware
canonical/qualcomm wcn3980
canonical/qualcomm wcn3988 firmware
canonical/qualcomm wsa8810
canonical/qualcomm wsa8810 firmware
canonical/qualcomm wsa8815 firmware
canonical/qualcomm wsa8830
canonical/qualcomm wsa8835
canonical/qualcomm wsa8835 firmware