CVE-2024-21474 - Vulnerability Details

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00082.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Qualcomm, Inc.

Snapdragon

unaffected

Version	Status	Constraints
`AR8035`	affected	—
`FastConnect 6900`	affected	—
`FastConnect 7800`	affected	—
`QAM8295P`	affected	—
`QCA6574AU`	affected	—
`QCA6595`	affected	—
`QCA6696`	affected	—
`QCA6698AQ`	affected	—
`QCA8081`	affected	—
`QCA8337`	affected	—
`SA8295P`	affected	—
`SA8530P`	affected	—
`SA8540P`	affected	—
`SA9000P`	affected	—
`SC8380XP`	affected	—
`Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)`	affected	—
`Snapdragon X65 5G Modem-RF System`	affected	—
`WCD9380`	affected	—
`WCD9385`	affected	—
`WSA8830`	affected	—
`WSA8835`	affected	—
`WSA8840`	affected	—
`WSA8845`	affected	—
`WSA8845H`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:sa8530p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8530p:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:sc8280xp-abbb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sc8280xp-abbb:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Qualcomm Subscribe	Ar8035 Subscribe Ar8035 Firmware Subscribe Fastconnect 6900 Subscribe Fastconnect 6900 Firmware Subscribe Fastconnect 7800 Subscribe Fastconnect 7800 Firmware Subscribe Qam8295p Subscribe Qam8295p Firmware Subscribe Qca6574au Subscribe Qca6574au Firmware Subscribe Qca6595 Subscribe Qca6595 Firmware Subscribe Qca6696 Subscribe Qca6696 Firmware Subscribe Qca6698aq Subscribe Qca6698aq Firmware Subscribe Qca8081 Subscribe Qca8081 Firmware Subscribe Qca8337 Subscribe Qca8337 Firmware Subscribe Sa8295p Subscribe Sa8295p Firmware Subscribe Sa8530p Subscribe Sa8530p Firmware Subscribe Sa8540p Subscribe Sa8540p Firmware Subscribe Sa9000p Subscribe Sa9000p Firmware Subscribe Sc8280xp-abbb Subscribe Sc8280xp-abbb Firmware Subscribe Sc8380xp Subscribe Sc8380xp Firmware Subscribe Snapdragon X65 5g Modem-rf Subscribe Snapdragon X65 5g Modem-rf Firmware Subscribe Wcd9380 Subscribe Wcd9380 Firmware Subscribe Wcd9385 Subscribe Wcd9385 Firmware Subscribe Wsa8830 Subscribe Wsa8830 Firmware Subscribe Wsa8835 Subscribe Wsa8835 Firmware Subscribe Wsa8840 Subscribe Wsa8840 Firmware Subscribe Wsa8845 Subscribe Wsa8845 Firmware Subscribe Wsa8845h Subscribe Wsa8845h Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2024-19183	Memory corruption when size of buffer from previous call is used without validation or re-initialization.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

History

Wed, 15 Jan 2025 17:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm Qualcomm ar8035 Qualcomm ar8035 Firmware Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm qam8295p Qualcomm qam8295p Firmware Qualcomm qca6574au Qualcomm qca6574au Firmware Qualcomm qca6595 Qualcomm qca6595 Firmware Qualcomm qca6696 Qualcomm qca6696 Firmware Qualcomm qca6698aq Qualcomm qca6698aq Firmware Qualcomm qca8081 Qualcomm qca8081 Firmware Qualcomm qca8337 Qualcomm qca8337 Firmware Qualcomm sa8295p Qualcomm sa8295p Firmware Qualcomm sa8530p Qualcomm sa8530p Firmware Qualcomm sa8540p Qualcomm sa8540p Firmware Qualcomm sa9000p Qualcomm sa9000p Firmware Qualcomm sc8280xp-abbb Qualcomm sc8280xp-abbb Firmware Qualcomm sc8380xp Qualcomm sc8380xp Firmware Qualcomm snapdragon X65 5g Modem-rf Qualcomm snapdragon X65 5g Modem-rf Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9385 Qualcomm wcd9385 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware Qualcomm wsa8840 Qualcomm wsa8840 Firmware Qualcomm wsa8845 Qualcomm wsa8845 Firmware Qualcomm wsa8845h Qualcomm wsa8845h Firmware
Weaknesses		CWE-787
CPEs		cpe:2.3:h:qualcomm:ar8035:-:::::::* cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:h:qualcomm:qam8295p:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:h:qualcomm:qca6595:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:h:qualcomm:qca8081:-:::::::* cpe:2.3:h:qualcomm:qca8337:-:::::::* cpe:2.3:h:qualcomm:sa8295p:-:::::::* cpe:2.3:h:qualcomm:sa8530p:-:::::::* cpe:2.3:h:qualcomm:sa8540p:-:::::::* cpe:2.3:h:qualcomm:sa9000p:-:::::::* cpe:2.3:h:qualcomm:sc8280xp-abbb:-:::::::* cpe:2.3:h:qualcomm:sc8380xp:-:::::::* cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:h:qualcomm:wsa8840:-:::::::* cpe:2.3:h:qualcomm:wsa8845:-:::::::* cpe:2.3:h:qualcomm:wsa8845h:-:::::::* cpe:2.3:o:qualcomm:ar8035_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8295p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6595_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::* cpe:2.3:o:qualcomm:qca8081_firmware:-:::::::* cpe:2.3:o:qualcomm:qca8337_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8295p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8530p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8540p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::* cpe:2.3:o:qualcomm:sc8280xp-abbb_firmware:-:::::::* cpe:2.3:o:qualcomm:sc8380xp_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8840_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8845_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8845h_firmware:-:::::::*
Vendors & Products		Qualcomm Qualcomm ar8035 Qualcomm ar8035 Firmware Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm qam8295p Qualcomm qam8295p Firmware Qualcomm qca6574au Qualcomm qca6574au Firmware Qualcomm qca6595 Qualcomm qca6595 Firmware Qualcomm qca6696 Qualcomm qca6696 Firmware Qualcomm qca6698aq Qualcomm qca6698aq Firmware Qualcomm qca8081 Qualcomm qca8081 Firmware Qualcomm qca8337 Qualcomm qca8337 Firmware Qualcomm sa8295p Qualcomm sa8295p Firmware Qualcomm sa8530p Qualcomm sa8530p Firmware Qualcomm sa8540p Qualcomm sa8540p Firmware Qualcomm sa9000p Qualcomm sa9000p Firmware Qualcomm sc8280xp-abbb Qualcomm sc8280xp-abbb Firmware Qualcomm sc8380xp Qualcomm sc8380xp Firmware Qualcomm snapdragon X65 5g Modem-rf Qualcomm snapdragon X65 5g Modem-rf Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9385 Qualcomm wcd9385 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware Qualcomm wsa8840 Qualcomm wsa8840 Firmware Qualcomm wsa8845 Qualcomm wsa8845 Firmware Qualcomm wsa8845h Qualcomm wsa8845h Firmware

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2024-05-06T14:32:14.501Z

Updated: 2024-08-01T22:20:40.824Z

Reserved: 2023-12-12T06:07:46.905Z

Link: CVE-2024-21474

Vulnrichment

Updated: 2024-08-01T22:20:40.824Z

NVD

Status : Analyzed

Published: 2024-05-06T15:15:21.770

Modified: 2025-01-15T16:57:08.283

Link: CVE-2024-21474

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object