Vulnerability Description
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
CVSS Score
6.1
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | C-V2X 9150 Firmware | - |
| Qualcomm | C-V2X 9150 | - |
| Qualcomm | Csrb31024 Firmware | - |
| Qualcomm | Csrb31024 | - |
| Qualcomm | Fastconnect 6800 Firmware | - |
| Qualcomm | Fastconnect 6800 | - |
| Qualcomm | Fastconnect 6900 Firmware | - |
| Qualcomm | Fastconnect 6900 | - |
| Qualcomm | Fastconnect 7800 Firmware | - |
| Qualcomm | Fastconnect 7800 | - |
| Qualcomm | Msm8996Au Firmware | - |
| Qualcomm | Msm8996Au | - |
| Qualcomm | Qam8255P Firmware | - |
| Qualcomm | Qam8255P | - |
| Qualcomm | Qam8295P Firmware | - |
| Qualcomm | Qam8295P | - |
| Qualcomm | Qam8650P Firmware | - |
| Qualcomm | Qam8650P | - |
Related Weaknesses (CWE)
References
- https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bullPatchVendor Advisory
- https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bullPatchVendor Advisory
FAQ
What is CVE-2023-43528?
CVE-2023-43528 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
How severe is CVE-2023-43528?
CVE-2023-43528 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-43528?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm C-V2X 9150 Firmware, Qualcomm C-V2X 9150, Qualcomm Csrb31024 Firmware.