CVE-2023-28588

HIGH

Qualcomm Bluetooth Host - Denial of Service via RFC Slot Allocation

Title source: llm

STIX 2.1

Description

Transient DOS in Bluetooth Host while rfc slot allocation.

Exploits (5)

nomisec NO CODE 1 stars

by Trinadh465 · poc

https://github.com/Trinadh465/CVE-2023-28588

View Code ZIP pw:eip

nomisec WORKING POC

by uthrasri · poc

https://github.com/uthrasri/CVE-2023-28588_G2.5_singlefile

View Code ZIP pw:eip

nomisec NO CODE

by uthrasri · poc

https://github.com/uthrasri/CVE-2023-28588_Singlefile

View Code ZIP pw:eip

nomisec NO CODE

by uthrasri · poc

https://github.com/uthrasri/CVE-2023-28588

View Code ZIP pw:eip

nomisec NO CODE

by uthrasri · poc

https://github.com/uthrasri/CVE-2023-28588_system_bt

View Code ZIP pw:eip

References (1)

Core 1

Core References

Patch, Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin

Scores

CVSS v3 7.5

EPSS 0.0062

EPSS Percentile 70.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-190

Status published

Products (50)

qualcomm/apq8017_firmware

qualcomm/apq8064au_firmware

qualcomm/aqt1000_firmware

qualcomm/ar8031_firmware

qualcomm/ar8035_firmware

qualcomm/csra6620_firmware

qualcomm/csra6640_firmware

qualcomm/fastconnect_6200_firmware

qualcomm/fastconnect_6700_firmware

qualcomm/fastconnect_6800_firmware

... and 40 more

Published Dec 05, 2023

Tracked Since Feb 18, 2026