CVE Vulnerabilities

CVE-2023-28583

Double Free

Published: Jan 02, 2024 | Modified: Nov 21, 2024
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

Weakness 

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

Affected Software 

Name Vendor Start Version End Version
Aqt1000_firmware Qualcomm - (including) - (including)

Potential Mitigations 

References