CVE-2024-33030

EPSS 0.03%
Published 04.11.2024 10:15:05
Last modified 07.11.2024 20:04:32
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9340 Firmware Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Snapdragon X75 5g Modem-rf System Firmware Version-

Qualcomm ≫ Snapdragon X75 5g Modem-rf System Version-

Qualcomm ≫ Snapdragon X72 5g Modem-rf System Firmware Version-

Qualcomm ≫ Snapdragon X72 5g Modem-rf System Version-

Qualcomm ≫ Snapdragon Auto 5g Modem-rf Gen 2 Firmware Version-

Qualcomm ≫ Snapdragon Auto 5g Modem-rf Gen 2 Version-

Qualcomm ≫ Snapdragon 8 Gen 1 Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 8 Gen 1 Mobile Platform Version-

Qualcomm ≫ Qfw7124 Firmware Version-

Qualcomm ≫ Qfw7124 Version-

Qualcomm ≫ Qfw7114 Firmware Version-

Qualcomm ≫ Qfw7114 Version-

Qualcomm ≫ Qcn6274 Firmware Version-

Qualcomm ≫ Qcn6274 Version-

Qualcomm ≫ Qcn6224 Firmware Version-

Qualcomm ≫ Qcn6224 Version-

Qualcomm ≫ Qcc710 Firmware Version-

Qualcomm ≫ Qcc710 Version-

Qualcomm ≫ Qca9377 Firmware Version-

Qualcomm ≫ Qca9377 Version-

Qualcomm ≫ Qca9367 Firmware Version-

Qualcomm ≫ Qca9367 Version-

Qualcomm ≫ Qca8337 Firmware Version-

Qualcomm ≫ Qca8337 Version-

Qualcomm ≫ Qca8081 Firmware Version-

Qualcomm ≫ Qca8081 Version-

Qualcomm ≫ Qca6698aq Firmware Version-

Qualcomm ≫ Qca6698aq Version-

Qualcomm ≫ Qca6584au Firmware Version-

Qualcomm ≫ Qca6584au Version-

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800 Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Qualcomm ≫ Ar8035 Firmware Version-

Qualcomm ≫ Ar8035 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.066

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
product-security@qualcomm.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-33030

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-33030

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-33030

EUVD