Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
History

Mon, 04 Nov 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Qualcomm
Qualcomm fastconnect 6900 Firmware
Qualcomm fastconnect 7800 Firmware
Qualcomm qca6391 Firmware
Qualcomm qcm8550 Firmware
Qualcomm qcs7230 Firmware
Qualcomm qcs8250 Firmware
Qualcomm qcs8550 Firmware
Qualcomm qualcomm Video Collaboration Vc5 Platform Firmware
Qualcomm sd 8 Gen1 5g Firmware
Qualcomm sg8275 Firmware
Qualcomm sg8275p Firmware
Qualcomm sm7525 Firmware
Qualcomm sm7550 Firmware
Qualcomm sm8550p Firmware
Qualcomm snapdragon 8 Gen 2 Mobile Platform Firmware
Qualcomm snapdragon Ar2 Gen 1 Platform Firmware
Qualcomm ssg2115p Firmware
Qualcomm ssg2125p Firmware
Qualcomm sxr1230p Firmware
Qualcomm sxr2230p Firmware
Qualcomm sxr2250p Firmware
Qualcomm wcd9370 Firmware
Qualcomm wcd9371 Firmware
Qualcomm wcd9375 Firmware
Qualcomm wcd9378 Firmware
Qualcomm wcd9380 Firmware
Qualcomm wcd9385 Firmware
Qualcomm wcd9390 Firmware
Qualcomm wcd9395 Firmware
Qualcomm wcn6650 Firmware
Qualcomm wcn6755 Firmware
Qualcomm wcn7880 Firmware
Qualcomm wsa8830 Firmware
Qualcomm wsa8832 Firmware
Qualcomm wsa8835 Firmware
Qualcomm wsa8840 Firmware
Qualcomm wsa8845 Firmware
Qualcomm wsa8845h Firmware
CPEs cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs7230_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs8250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc5_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sg8275_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sg8275p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sm7525_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sm7550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_ar2_gen_1_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ssg2115p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:ssg2125p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr1230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*
Vendors & Products Qualcomm
Qualcomm fastconnect 6900 Firmware
Qualcomm fastconnect 7800 Firmware
Qualcomm qca6391 Firmware
Qualcomm qcm8550 Firmware
Qualcomm qcs7230 Firmware
Qualcomm qcs8250 Firmware
Qualcomm qcs8550 Firmware
Qualcomm qualcomm Video Collaboration Vc5 Platform Firmware
Qualcomm sd 8 Gen1 5g Firmware
Qualcomm sg8275 Firmware
Qualcomm sg8275p Firmware
Qualcomm sm7525 Firmware
Qualcomm sm7550 Firmware
Qualcomm sm8550p Firmware
Qualcomm snapdragon 8 Gen 2 Mobile Platform Firmware
Qualcomm snapdragon Ar2 Gen 1 Platform Firmware
Qualcomm ssg2115p Firmware
Qualcomm ssg2125p Firmware
Qualcomm sxr1230p Firmware
Qualcomm sxr2230p Firmware
Qualcomm sxr2250p Firmware
Qualcomm wcd9370 Firmware
Qualcomm wcd9371 Firmware
Qualcomm wcd9375 Firmware
Qualcomm wcd9378 Firmware
Qualcomm wcd9380 Firmware
Qualcomm wcd9385 Firmware
Qualcomm wcd9390 Firmware
Qualcomm wcd9395 Firmware
Qualcomm wcn6650 Firmware
Qualcomm wcn6755 Firmware
Qualcomm wcn7880 Firmware
Qualcomm wsa8830 Firmware
Qualcomm wsa8832 Firmware
Qualcomm wsa8835 Firmware
Qualcomm wsa8840 Firmware
Qualcomm wsa8845 Firmware
Qualcomm wsa8845h Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 04 Nov 2024 10:15:00 +0000

Type Values Removed Values Added
Description Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
Title Use of Out-of-range Pointer Offset in ComputerVision
Weaknesses CWE-823
References
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2024-11-04T10:04:32.745Z

Updated: 2024-11-04T14:08:56.537Z

Reserved: 2024-01-16T03:27:26.435Z

Link: CVE-2024-23377

cve-icon Vulnrichment

Updated: 2024-11-04T14:08:41.703Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-04T10:15:04.100

Modified: 2024-11-04T18:50:05.607

Link: CVE-2024-23377

cve-icon Redhat

No data.