CVE-2024-23378
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: product-security@qualcomm.com (Secondary)
Description
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.
Affected (18)
Products: Qualcomm: Srv1m Firmware, Srv1h Firmware, Snapdragon Auto 5g Modem Rf Gen 2 Firmware, Sa9000p Firmware, Sa8775p Firmware, Sa8770p Firmware, Sa8650p Firmware, Sa8620p Firmware, Sa8255p Firmware, Sa7775p Firmware, Sa7255p Firmware, Qca6698aq Firmware, Qca6584au Firmware, Qamsrv1m Firmware, Qamsrv1h Firmware, Qam8775p Firmware, Qam8650p Firmware, Qam8255p Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Srv1m | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Srv1h | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Snapdragon Auto 5g Modem Rf Gen 2 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa9000p | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa8775p | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa8770p | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa8650p | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa8620p | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa8255p | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa7775p | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Sa7255p | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Qca6698aq | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Qca6584au | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Qamsrv1m | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Qamsrv1h | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Qam8775p | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Qam8650p | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Qualcomm Qam8255p | All versions |
References (1)
Source: product-security@qualcomm.com
Vendor Advisory
Timeline
No history available yet.