CVE-2024-21476

nvd nist

Published: May 6, 2024Modified: Jan 15, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: product-security@qualcomm.com (Secondary)

Description

Memory corruption when the channel ID passed by user is not validated and further used.

Affected (48)

Products: Qualcomm: Aqt1000 Firmware, Ar8035 Firmware, Fastconnect 6200 Firmware, Fastconnect 6800 Firmware, Fastconnect 6900 Firmware, Fastconnect 7800 Firmware, Qca1062 Firmware, Qca1064 Firmware, Qca6391 Firmware, Qca6420 Firmware, Qca6421 Firmware, Qca6426 Firmware, Qca6430 Firmware, Qca6431 Firmware, Qca6436 Firmware, Qca8337 Firmware, Qsm8250 Firmware, Sc8180x+sdx55 Firmware, Sc8380xp Firmware, Sd865 5g Firmware, Sdx55 Firmware, Snapdragon 865+ 5g Mobile Firmware, Snapdragon 870 5g Mobile Firmware, Snapdragon 888+ 5g Mobile Firmware, Sc8180x Ad Firmware, Sc8180xp Ad Firmware, Sc8180x Aaab Firmware, Sc8180xp Acaf Firmware, Sc8180x Acaf Firmware, Sc8180xp Aaab Firmware, Sc8280xp Abbb Firmware, Snapdragon X55 5g Modem Rf Firmware, Snapdragon Xr2 5g Firmware, Snapdragon Xr2+ Gen 1 Firmware, Sxr2130 Firmware, Wcd9340 Firmware, Wcd9341 Firmware, Wcd9380 Firmware, Wcd9385 Firmware, Wsa8810 Firmware, Wsa8815 Firmware, Wsa8830 Firmware, Wsa8835 Firmware, Wsa8840 Firmware, Wsa8845 Firmware, Wsa8845h Firmware

Qualcomm

46 products

Aqt1000 Firmware

Ar8035 Firmware

Fastconnect 6200 Firmware

Fastconnect 6800 Firmware

Fastconnect 6900 Firmware

Fastconnect 7800 Firmware

Sc8180x+sdx55 Firmware

Sc8380xp Firmware

Sd865 5g Firmware

Sdx55 Firmware

Snapdragon 865+ 5g Mobile Firmware

Snapdragon 870 5g Mobile Firmware

Snapdragon 888+ 5g Mobile Firmware

Sc8180x Ad Firmware

Sc8180xp Ad Firmware

Sc8180x Aaab Firmware

Sc8180xp Acaf Firmware

Sc8180x Acaf Firmware

Sc8180xp Aaab Firmware

Sc8280xp Abbb Firmware

Snapdragon X55 5g Modem Rf Firmware

Snapdragon Xr2 5g Firmware

Snapdragon Xr2+ Gen 1 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Aqt1000 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Aqt1000	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8035 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8035	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 6200 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 6200	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 6800 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 6800	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 6900 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 6900	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 7800 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 7800	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca1062 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca1062	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca1064 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca1064	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6391 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6391	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6420 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6420	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6421 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6421	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6426 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6426	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6430 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6430	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6431 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6431	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6436 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6436	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qsm8250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qsm8250	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180x+sdx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180x+sdx55	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8380xp Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8380xp	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd865 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd865 5g	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 865 5g Mobile Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 865 5g Mobile	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 865+ 5g Mobile Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 865+ 5g Mobile	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 870 5g Mobile Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 870 5g Mobile	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 888 5g Mobile Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 888 5g Mobile	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 888+ 5g Mobile Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 888+ 5g Mobile	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180x Ad Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180x Ad	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180xp Ad Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180xp Ad	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180x Aaab Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180x Aaab	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180xp Acaf Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180xp Acaf	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180x Acaf Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180x Acaf	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8180xp Aaab Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8180xp Aaab	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sc8280xp Abbb Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sc8280xp Abbb	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X55 5g Modem Rf Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X55 5g Modem Rf	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Xr2 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Xr2 5g	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon Xr2+ Gen 1 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon Xr2+ Gen 1	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr2130 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr2130	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9385 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9385	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8840 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8840	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8845	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8845h Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8845h	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

Source: product-security@qualcomm.com

Vendor Advisory

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.