Today > 4 Critical | 25 High | 30 Medium | 4 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-43048

Dec. 12, 2024, 3:27 p.m.

Tags

CWE-787
CWE-121
product-security@qualcomm.com
2024-12-02
CVE-2024-43048

CVSS Score

7.8 / 10

Products Impacted

Vendor Product Versions
qualcomm
  • fastconnect_6200_firmware
  • fastconnect_6200
  • fastconnect_6900_firmware
  • fastconnect_6900
  • fastconnect_7800_firmware
  • fastconnect_7800
  • qcm4325_firmware
  • qcm4325
  • qcm8550_firmware
  • qcm8550
  • sdm429w_firmware
  • sdm429w
  • sg4150p_firmware
  • sg4150p
  • sm4635_firmware
  • sm4635
  • sm8550p_firmware
  • sm8550p
  • sm8635_firmware
  • sm8635
  • sm8750_firmware
  • sm8750
  • sm8750p_firmware
  • sm8750p
  • snapdragon_4_gen_1_mobile_platform_firmware
  • snapdragon_4_gen_1_mobile_platform
  • snapdragon_429_mobile_platform_firmware
  • snapdragon_429_mobile_platform
  • snapdragon_460_mobile_platform_firmware
  • snapdragon_460_mobile_platform
  • snapdragon_480_5g_mobile_platform_firmware
  • snapdragon_480_5g_mobile_platform
  • snapdragon_480\+_5g_mobile_platform_firmware
  • snapdragon_480\+_5g_mobile_platform
  • snapdragon_662_mobile_platform_firmware
  • snapdragon_662_mobile_platform
  • snapdragon_680_4g_mobile_platform_firmware
  • snapdragon_680_4g_mobile_platform
  • snapdragon_685_4g_mobile_platform_firmware
  • snapdragon_685_4g_mobile_platform
  • snapdragon_695_5g_mobile_platform_firmware
  • snapdragon_695_5g_mobile_platform
  • snapdragon_8_gen_2_mobile_platform_firmware
  • snapdragon_8_gen_2_mobile_platform
  • snapdragon_8_gen_3_mobile_platform_firmware
  • snapdragon_8_gen_3_mobile_platform
  • snapdragon_8\+_gen_2_mobile_platform_firmware
  • snapdragon_8\+_gen_2_mobile_platform
  • vision_intelligence_400_platform_firmware
  • vision_intelligence_400_platform
  • wcd9335_firmware
  • wcd9335
  • wcd9341_firmware
  • wcd9341
  • wcd9370_firmware
  • wcd9370
  • wcd9375_firmware
  • wcd9375
  • wcd9378_firmware
  • wcd9378
  • wcd9380_firmware
  • wcd9380
  • wcd9385_firmware
  • wcd9385
  • wcd9390_firmware
  • wcd9390
  • wcd9395_firmware
  • wcd9395
  • wcn3620_firmware
  • wcn3620
  • wcn3660b_firmware
  • wcn3660b
  • wcn3950_firmware
  • wcn3950
  • wcn3988_firmware
  • wcn3988
  • wcn3990_firmware
  • wcn3990
  • wcn6755_firmware
  • wcn6755
  • wcn7860_firmware
  • wcn7860
  • wcn7861_firmware
  • wcn7861
  • wcn7880_firmware
  • wcn7880
  • wcn7881_firmware
  • wcn7881
  • wsa8810_firmware
  • wsa8810
  • wsa8815_firmware
  • wsa8815
  • wsa8830_firmware
  • wsa8830
  • wsa8832_firmware
  • wsa8832
  • wsa8835_firmware
  • wsa8835
  • wsa8840_firmware
  • wsa8840
  • wsa8845_firmware
  • wsa8845
  • wsa8845h_firmware
  • wsa8845h
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -
  • -

Description

Memory corruption when invalid input is passed to invoke GPU Headroom API call.

Weaknesses

CWE-121
Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE ID: 121
CWE-787
Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CWE ID: 787

Date

Published: Dec. 2, 2024, 11:15 a.m.

Last Modified: Dec. 12, 2024, 3:27 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

CPEs

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o qualcomm fastconnect_6200_firmware - / / / / / / /
h qualcomm fastconnect_6200 - / / / / / / /
o qualcomm fastconnect_6900_firmware - / / / / / / /
h qualcomm fastconnect_6900 - / / / / / / /
o qualcomm fastconnect_7800_firmware - / / / / / / /
h qualcomm fastconnect_7800 - / / / / / / /
o qualcomm qcm4325_firmware - / / / / / / /
h qualcomm qcm4325 - / / / / / / /
o qualcomm qcm8550_firmware - / / / / / / /
h qualcomm qcm8550 - / / / / / / /
o qualcomm sdm429w_firmware - / / / / / / /
h qualcomm sdm429w - / / / / / / /
o qualcomm sg4150p_firmware - / / / / / / /
h qualcomm sg4150p - / / / / / / /
o qualcomm sm4635_firmware - / / / / / / /
h qualcomm sm4635 - / / / / / / /
o qualcomm sm8550p_firmware - / / / / / / /
h qualcomm sm8550p - / / / / / / /
o qualcomm sm8635_firmware - / / / / / / /
h qualcomm sm8635 - / / / / / / /
o qualcomm sm8750_firmware - / / / / / / /
h qualcomm sm8750 - / / / / / / /
o qualcomm sm8750p_firmware - / / / / / / /
h qualcomm sm8750p - / / / / / / /
o qualcomm snapdragon_4_gen_1_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_4_gen_1_mobile_platform - / / / / / / /
o qualcomm snapdragon_429_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_429_mobile_platform - / / / / / / /
o qualcomm snapdragon_460_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_460_mobile_platform - / / / / / / /
o qualcomm snapdragon_480_5g_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_480_5g_mobile_platform - / / / / / / /
o qualcomm snapdragon_480\+_5g_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_480\+_5g_mobile_platform - / / / / / / /
o qualcomm snapdragon_662_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_662_mobile_platform - / / / / / / /
o qualcomm snapdragon_680_4g_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_680_4g_mobile_platform - / / / / / / /
o qualcomm snapdragon_685_4g_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_685_4g_mobile_platform - / / / / / / /
o qualcomm snapdragon_695_5g_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_695_5g_mobile_platform - / / / / / / /
o qualcomm snapdragon_8_gen_2_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_8_gen_2_mobile_platform - / / / / / / /
o qualcomm snapdragon_8_gen_3_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_8_gen_3_mobile_platform - / / / / / / /
o qualcomm snapdragon_8\+_gen_2_mobile_platform_firmware - / / / / / / /
h qualcomm snapdragon_8\+_gen_2_mobile_platform - / / / / / / /
o qualcomm vision_intelligence_400_platform_firmware - / / / / / / /
h qualcomm vision_intelligence_400_platform - / / / / / / /
o qualcomm wcd9335_firmware - / / / / / / /
h qualcomm wcd9335 - / / / / / / /
o qualcomm wcd9341_firmware - / / / / / / /
h qualcomm wcd9341 - / / / / / / /
o qualcomm wcd9370_firmware - / / / / / / /
h qualcomm wcd9370 - / / / / / / /
o qualcomm wcd9375_firmware - / / / / / / /
h qualcomm wcd9375 - / / / / / / /
o qualcomm wcd9378_firmware - / / / / / / /
h qualcomm wcd9378 - / / / / / / /
o qualcomm wcd9380_firmware - / / / / / / /
h qualcomm wcd9380 - / / / / / / /
o qualcomm wcd9385_firmware - / / / / / / /
h qualcomm wcd9385 - / / / / / / /
o qualcomm wcd9390_firmware - / / / / / / /
h qualcomm wcd9390 - / / / / / / /
o qualcomm wcd9395_firmware - / / / / / / /
h qualcomm wcd9395 - / / / / / / /
o qualcomm wcn3620_firmware - / / / / / / /
h qualcomm wcn3620 - / / / / / / /
o qualcomm wcn3660b_firmware - / / / / / / /
h qualcomm wcn3660b - / / / / / / /
o qualcomm wcn3950_firmware - / / / / / / /
h qualcomm wcn3950 - / / / / / / /
o qualcomm wcn3988_firmware - / / / / / / /
h qualcomm wcn3988 - / / / / / / /
o qualcomm wcn3990_firmware - / / / / / / /
h qualcomm wcn3990 - / / / / / / /
o qualcomm wcn6755_firmware - / / / / / / /
h qualcomm wcn6755 - / / / / / / /
o qualcomm wcn7860_firmware - / / / / / / /
h qualcomm wcn7860 - / / / / / / /
o qualcomm wcn7861_firmware - / / / / / / /
h qualcomm wcn7861 - / / / / / / /
o qualcomm wcn7880_firmware - / / / / / / /
h qualcomm wcn7880 - / / / / / / /
o qualcomm wcn7881_firmware - / / / / / / /
h qualcomm wcn7881 - / / / / / / /
o qualcomm wsa8810_firmware - / / / / / / /
h qualcomm wsa8810 - / / / / / / /
o qualcomm wsa8815_firmware - / / / / / / /
h qualcomm wsa8815 - / / / / / / /
o qualcomm wsa8830_firmware - / / / / / / /
h qualcomm wsa8830 - / / / / / / /
o qualcomm wsa8832_firmware - / / / / / / /
h qualcomm wsa8832 - / / / / / / /
o qualcomm wsa8835_firmware - / / / / / / /
h qualcomm wsa8835 - / / / / / / /
o qualcomm wsa8840_firmware - / / / / / / /
h qualcomm wsa8840 - / / / / / / /
o qualcomm wsa8845_firmware - / / / / / / /
h qualcomm wsa8845 - / / / / / / /
o qualcomm wsa8845h_firmware - / / / / / / /
h qualcomm wsa8845h - / / / / / / /

CVSS Data

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score
7.8
Exploitability Score
1.8
Impact Score
5.9
Base Severity
HIGH
CVSS Vector String

The CVSS vector string provides an in-depth view of the vulnerability metrics.

View Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

https://docs.qualcomm.com/ product-security@qualcomm.com