CVE-2023-43512 — Buffer Over-read in INC Snapdragon

CWE-126 — Buffer Over-read CWE-125 — Out-of-bounds Read2 documents2 sources

Severity

7.5HIGHNVD

EPSS

0.3%

top 47.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qualcomm INC Snapdragon

Timeline

PublishedJan 2

Description

Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶CVEListV5qualcomm_inc/snapdragonQCN7606

🔴Vulnerability Details

GHSA

GHSA-4q33-wj3r-p79q: Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual siz↗2024-01-02

▶