CVE-2024-43047

Oct. 9, 2024, 2:39 p.m.

CVSS Score

7.8 / 10

Products Impacted

Vendor	Product	Versions
qualcomm	fastconnect_6700_firmware fastconnect_6700 fastconnect_6800_firmware fastconnect_6800 fastconnect_6900_firmware fastconnect_6900 fastconnect_7800_firmware fastconnect_7800 qam8295p_firmware qam8295p qca6174a_firmware qca6174a qca6391_firmware qca6391 qca6426_firmware qca6426 qca6436_firmware qca6436 qca6574au_firmware qca6574au qca6584au_firmware qca6584au qca6595_firmware qca6595 qca6595au_firmware qca6595au qca6688aq_firmware qca6688aq qca6696_firmware qca6696 qca6698aq_firmware qca6698aq qcs410_firmware qcs410 qcs610_firmware qcs610 qcs6490_firmware qcs6490 video_collaboration_vc1_firmware video_collaboration_vc1 video_collaboration_vc3_firmware video_collaboration_vc3 sa4150p_firmware sa4150p sa4155p_firmware sa4155p sa6145p_firmware sa6145p sa6150p_firmware sa6150p sa6155p_firmware sa6155p sa8145p_firmware sa8145p sa8150p_firmware sa8150p sa8155p_firmware sa8155p sa8195p_firmware sa8195p sa8295p_firmware sa8295p sd660_firmware sd660 sd865_5g_firmware sd865_5g sg4150p_firmware sg4150p snapdragon_660_mobile_firmware snapdragon_660_mobile snapdragon_680_4g_mobile_firmware snapdragon_680_4g_mobile snapdragon_685_4g_mobile_firmware snapdragon_685_4g_mobile snapdragon_8_gen_1_mobile_firmware snapdragon_8_gen_1_mobile snapdragon_865_5g_mobile_firmware snapdragon_865_5g_mobile snapdragon_865\+_5g_mobile_firmware snapdragon_865\+_5g_mobile snapdragon_870_5g_mobile_firmware snapdragon_870_5g_mobile snapdragon_888_5g_mobile_firmware snapdragon_888_5g_mobile snapdragon_888\+_5g_mobile_firmware snapdragon_888\+_5g_mobile snapdragon_auto_5g_modem-rf_firmware snapdragon_auto_5g_modem-rf snapdragon_auto_5g_modem-rf_gen_2_firmware snapdragon_auto_5g_modem-rf_gen_2 snapdragon_x55_5g_modem-rf_firmware snapdragon_x55_5g_modem-rf snapdragon_xr2_5g_firmware snapdragon_xr2_5g sw5100_firmware sw5100 sw5100p_firmware sw5100p sxr2130_firmware sxr2130 wcd9335_firmware wcd9335 wcd9341_firmware wcd9341 wcd9370_firmware wcd9370 wcd9375_firmware wcd9375 wcd9380_firmware wcd9380 wcd9385_firmware wcd9385 wcn3950_firmware wcn3950 wcn3980_firmware wcn3980 wcn3988_firmware wcn3988 wcn3990_firmware wcn3990 wsa8810_firmware wsa8810 wsa8815_firmware wsa8815 wsa8830_firmware wsa8830 wsa8835_firmware wsa8835	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Description

Memory corruption while maintaining memory maps of HLOS memory.

Weaknesses

CWE-416

Use After Free

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CWE ID: 416

Date

Published: Oct. 7, 2024, 1:15 p.m.

Last Modified: Oct. 9, 2024, 2:39 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

CPEs

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
o	qualcomm	fastconnect_6700_firmware	-	/	/	/	/	/	/	/
h	qualcomm	fastconnect_6700	-	/	/	/	/	/	/	/
o	qualcomm	fastconnect_6800_firmware	-	/	/	/	/	/	/	/
h	qualcomm	fastconnect_6800	-	/	/	/	/	/	/	/
o	qualcomm	fastconnect_6900_firmware	-	/	/	/	/	/	/	/
h	qualcomm	fastconnect_6900	-	/	/	/	/	/	/	/
o	qualcomm	fastconnect_7800_firmware	-	/	/	/	/	/	/	/
h	qualcomm	fastconnect_7800	-	/	/	/	/	/	/	/
o	qualcomm	qam8295p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qam8295p	-	/	/	/	/	/	/	/
o	qualcomm	qca6174a_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6174a	-	/	/	/	/	/	/	/
o	qualcomm	qca6391_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6391	-	/	/	/	/	/	/	/
o	qualcomm	qca6426_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6426	-	/	/	/	/	/	/	/
o	qualcomm	qca6436_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6436	-	/	/	/	/	/	/	/
o	qualcomm	qca6574au_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6574au	-	/	/	/	/	/	/	/
o	qualcomm	qca6584au_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6584au	-	/	/	/	/	/	/	/
o	qualcomm	qca6595_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6595	-	/	/	/	/	/	/	/
o	qualcomm	qca6595au_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6595au	-	/	/	/	/	/	/	/
o	qualcomm	qca6688aq_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6688aq	-	/	/	/	/	/	/	/
o	qualcomm	qca6696_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6696	-	/	/	/	/	/	/	/
o	qualcomm	qca6698aq_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qca6698aq	-	/	/	/	/	/	/	/
o	qualcomm	qcs410_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcs410	-	/	/	/	/	/	/	/
o	qualcomm	qcs610_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcs610	-	/	/	/	/	/	/	/
o	qualcomm	qcs6490_firmware	-	/	/	/	/	/	/	/
h	qualcomm	qcs6490	-	/	/	/	/	/	/	/
o	qualcomm	video_collaboration_vc1_firmware	-	/	/	/	/	/	/	/
h	qualcomm	video_collaboration_vc1	-	/	/	/	/	/	/	/
o	qualcomm	video_collaboration_vc3_firmware	-	/	/	/	/	/	/	/
h	qualcomm	video_collaboration_vc3	-	/	/	/	/	/	/	/
o	qualcomm	sa4150p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa4150p	-	/	/	/	/	/	/	/
o	qualcomm	sa4155p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa4155p	-	/	/	/	/	/	/	/
o	qualcomm	sa6145p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa6145p	-	/	/	/	/	/	/	/
o	qualcomm	sa6150p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa6150p	-	/	/	/	/	/	/	/
o	qualcomm	sa6155p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa6155p	-	/	/	/	/	/	/	/
o	qualcomm	sa8145p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa8145p	-	/	/	/	/	/	/	/
o	qualcomm	sa8150p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa8150p	-	/	/	/	/	/	/	/
o	qualcomm	sa8155p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa8155p	-	/	/	/	/	/	/	/
o	qualcomm	sa8195p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa8195p	-	/	/	/	/	/	/	/
o	qualcomm	sa8295p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sa8295p	-	/	/	/	/	/	/	/
o	qualcomm	sd660_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sd660	-	/	/	/	/	/	/	/
o	qualcomm	sd865_5g_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sd865_5g	-	/	/	/	/	/	/	/
o	qualcomm	sg4150p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sg4150p	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_660_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_660_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_680_4g_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_680_4g_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_685_4g_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_685_4g_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_8_gen_1_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_8_gen_1_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_865_5g_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_865_5g_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_865\+_5g_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_865\+_5g_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_870_5g_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_870_5g_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_888_5g_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_888_5g_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_888\+_5g_mobile_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_888\+_5g_mobile	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_auto_5g_modem-rf_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_auto_5g_modem-rf	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_auto_5g_modem-rf_gen_2	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_x55_5g_modem-rf_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_x55_5g_modem-rf	-	/	/	/	/	/	/	/
o	qualcomm	snapdragon_xr2_5g_firmware	-	/	/	/	/	/	/	/
h	qualcomm	snapdragon_xr2_5g	-	/	/	/	/	/	/	/
o	qualcomm	sw5100_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sw5100	-	/	/	/	/	/	/	/
o	qualcomm	sw5100p_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sw5100p	-	/	/	/	/	/	/	/
o	qualcomm	sxr2130_firmware	-	/	/	/	/	/	/	/
h	qualcomm	sxr2130	-	/	/	/	/	/	/	/
o	qualcomm	wcd9335_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9335	-	/	/	/	/	/	/	/
o	qualcomm	wcd9341_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9341	-	/	/	/	/	/	/	/
o	qualcomm	wcd9370_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9370	-	/	/	/	/	/	/	/
o	qualcomm	wcd9375_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9375	-	/	/	/	/	/	/	/
o	qualcomm	wcd9380_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9380	-	/	/	/	/	/	/	/
o	qualcomm	wcd9385_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcd9385	-	/	/	/	/	/	/	/
o	qualcomm	wcn3950_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcn3950	-	/	/	/	/	/	/	/
o	qualcomm	wcn3980_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcn3980	-	/	/	/	/	/	/	/
o	qualcomm	wcn3988_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcn3988	-	/	/	/	/	/	/	/
o	qualcomm	wcn3990_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wcn3990	-	/	/	/	/	/	/	/
o	qualcomm	wsa8810_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8810	-	/	/	/	/	/	/	/
o	qualcomm	wsa8815_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8815	-	/	/	/	/	/	/	/
o	qualcomm	wsa8830_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8830	-	/	/	/	/	/	/	/
o	qualcomm	wsa8835_firmware	-	/	/	/	/	/	/	/
h	qualcomm	wsa8835	-	/	/	/	/	/	/	/

CVSS Data

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

7.8

Exploitability Score

1.8

Impact Score

5.9

Base Severity

HIGH

CVSS Vector String

The CVSS vector string provides an in-depth view of the vulnerability metrics.

View Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html

product-security@qualcomm.com

CVE-2024-43047

Tags

CVSS Score

Products Impacted

Description

Weaknesses

CWE-416

Use After Free

Date

Status : Analyzed

Source

CPEs

CVSS Data

Attack Vector

Attack Complexity

Privileges Required

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Base Score

Exploitability Score

Impact Score

Base Severity

CVSS Vector String

References

Share