CVE-2024-43060

nvd nist

Published: Mar 3, 2025Modified: Mar 6, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: product-security@qualcomm.com (Secondary)

Description

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

Affected (41)

Products: Qualcomm: Ar8035 Firmware, Fastconnect 6900 Firmware, Fastconnect 7800 Firmware, Qam8295p Firmware, Qca6574au Firmware, Qca6696 Firmware, Qca8081 Firmware, Qca8337 Firmware, Qca9367 Firmware, Qca9377 Firmware, Qcc710 Firmware, Qcn6224 Firmware, Qcn6274 Firmware, Qcs8550 Firmware, Qfw7114 Firmware, Qfw7124 Firmware, Sa6145p Firmware, Sa6150p Firmware, Sa6155p Firmware, Sa8145p Firmware, Sa8150p Firmware, Sa8155p Firmware, Sa8195p Firmware, Sa8295p Firmware, Sa8530p Firmware, Sa8540p Firmware, Sa9000p Firmware, Sdm429w Firmware, Snapdragon 429 Firmware, Snapdragon X72 5g Firmware, Snapdragon X75 5g Firmware, Sxr2230p Firmware, Sxr2250p Firmware, Wcd9340 Firmware, Wcd9380 Firmware, Wcd9385 Firmware, Wcn3620 Firmware, Wcn3660b Firmware, Wsa8830 Firmware, Wsa8832 Firmware, Wsa8835 Firmware

Qualcomm

41 products

Ar8035 Firmware

Fastconnect 6900 Firmware

Fastconnect 7800 Firmware

Snapdragon 429 Firmware

Snapdragon X72 5g Firmware

Snapdragon X75 5g Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8035 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8035	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 6900 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 6900	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Fastconnect 7800 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Fastconnect 7800	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qam8295p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qam8295p	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574au	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6696 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6696	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8081 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8081	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca9367 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca9367	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca9377 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca9377	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcc710 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcc710	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6224 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6224	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcn6274 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcn6274	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs8550 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs8550	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7114 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7114	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfw7124 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfw7124	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa6145p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa6145p	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa6150p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa6150p	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa6155p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa6155p	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8145p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8145p	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8150p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8150p	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8155p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8155p	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8195p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8195p	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8295p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8295p	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8530p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8530p	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa8540p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa8540p	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sa9000p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sa9000p	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm429w Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm429w	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon 429 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon 429	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X72 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X72 5g	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Snapdragon X75 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Snapdragon X75 5g	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr2230p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr2230p	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sxr2250p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sxr2250p	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9385 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9385	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3620 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3620	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3660b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3660b	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8832 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8832	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-823

Use of Out-of-range Pointer Offset

The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

References (1)

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html

Source: product-security@qualcomm.com

PatchVendor Advisory

Timeline

No history available yet.