CVE-2024-21476

EPSS 0.11%
Published 06.05.2024 15:15:22
Last modified 15.01.2025 17:00:19
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption when the channel ID passed by user is not validated and further used.

Affected products Warnungen 0 Metrics 2 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Aqt1000 Firmware Version-

Qualcomm ≫ Aqt1000 Version-

Qualcomm ≫ Ar8035 Firmware Version-

Qualcomm ≫ Ar8035 Version-

Qualcomm ≫ Fastconnect 6200 Firmware Version-

Qualcomm ≫ Fastconnect 6200 Version-

Qualcomm ≫ Fastconnect 6800 Firmware Version-

Qualcomm ≫ Fastconnect 6800 Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800 Version-

Qualcomm ≫ Qca1062 Firmware Version-

Qualcomm ≫ Qca1062 Version-

Qualcomm ≫ Qca1064 Firmware Version-

Qualcomm ≫ Qca1064 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6420 Firmware Version-

Qualcomm ≫ Qca6420 Version-

Qualcomm ≫ Qca6421 Firmware Version-

Qualcomm ≫ Qca6421 Version-

Qualcomm ≫ Qca6426 Firmware Version-

Qualcomm ≫ Qca6426 Version-

Qualcomm ≫ Qca6430 Firmware Version-

Qualcomm ≫ Qca6430 Version-

Qualcomm ≫ Qca6431 Firmware Version-

Qualcomm ≫ Qca6431 Version-

Qualcomm ≫ Qca6436 Firmware Version-

Qualcomm ≫ Qca6436 Version-

Qualcomm ≫ Qca8337 Firmware Version-

Qualcomm ≫ Qca8337 Version-

Qualcomm ≫ Qsm8250 Firmware Version-

Qualcomm ≫ Qsm8250 Version-

Qualcomm ≫ Sc8180x+sdx55 Firmware Version-

Qualcomm ≫ Sc8180x+sdx55 Version-

Qualcomm ≫ Sc8380xp Firmware Version-

Qualcomm ≫ Sc8380xp Version-

Qualcomm ≫ Sd865 5g Firmware Version-

Qualcomm ≫ Sd865 5g Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Snapdragon 865 5g Mobile Firmware Version-

Qualcomm ≫ Snapdragon 865 5g Mobile Version-

Qualcomm ≫ Snapdragon 865+ 5g Mobile Firmware Version-

Qualcomm ≫ Snapdragon 865+ 5g Mobile Version-

Qualcomm ≫ Snapdragon 870 5g Mobile Firmware Version-

Qualcomm ≫ Snapdragon 870 5g Mobile Version-

Qualcomm ≫ Snapdragon 888 5g Mobile Firmware Version-

Qualcomm ≫ Snapdragon 888 5g Mobile Version-

Qualcomm ≫ Snapdragon 888+ 5g Mobile Firmware Version-

Qualcomm ≫ Snapdragon 888+ 5g Mobile Version-

Qualcomm ≫ Sc8180x-ad Firmware Version-

Qualcomm ≫ Sc8180x-ad Version-

Qualcomm ≫ Sc8180xp-ad Firmware Version-

Qualcomm ≫ Sc8180xp-ad Version-

Qualcomm ≫ Sc8180x-aaab Firmware Version-

Qualcomm ≫ Sc8180x-aaab Version-

Qualcomm ≫ Sc8180xp-acaf Firmware Version-

Qualcomm ≫ Sc8180xp-acaf Version-

Qualcomm ≫ Sc8180x-acaf Firmware Version-

Qualcomm ≫ Sc8180x-acaf Version-

Qualcomm ≫ Sc8180xp-aaab Firmware Version-

Qualcomm ≫ Sc8180xp-aaab Version-

Qualcomm ≫ Sc8280xp-abbb Firmware Version-

Qualcomm ≫ Sc8280xp-abbb Version-

Qualcomm ≫ Snapdragon X55 5g Modem-rf Firmware Version-

Qualcomm ≫ Snapdragon X55 5g Modem-rf Version-

Qualcomm ≫ Snapdragon Xr2 5g Firmware Version-

Qualcomm ≫ Snapdragon Xr2 5g Version-

Qualcomm ≫ Snapdragon Xr2+ Gen 1 Firmware Version-

Qualcomm ≫ Snapdragon Xr2+ Gen 1 Version-

Qualcomm ≫ Sxr2130 Firmware Version-

Qualcomm ≫ Sxr2130 Version-

Qualcomm ≫ Wcd9340 Firmware Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Qualcomm ≫ Wsa8840 Firmware Version-

Qualcomm ≫ Wsa8840 Version-

Qualcomm ≫ Wsa8845 Firmware Version-

Qualcomm ≫ Wsa8845 Version-

Qualcomm ≫ Wsa8845h Firmware Version-

Qualcomm ≫ Wsa8845h Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.305

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-21476

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-21476

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-21476

EUVD