CVE-2024-33033

EPSS 0.03%
Veröffentlicht 04.11.2024 10:15:06
Zuletzt bearbeitet 07.11.2024 19:39:24
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Memory corruption while processing IOCTL calls to unmap the buffers.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Wsa8845h Firmware Version-

Qualcomm ≫ Wsa8845h Version-

Qualcomm ≫ Wsa8845 Firmware Version-

Qualcomm ≫ Wsa8845 Version-

Qualcomm ≫ Wsa8840 Firmware Version-

Qualcomm ≫ Wsa8840 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Qualcomm ≫ Wsa8832 Firmware Version-

Qualcomm ≫ Wsa8832 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wcn7880 Firmware Version-

Qualcomm ≫ Wcn7880 Version-

Qualcomm ≫ Wcn6755 Firmware Version-

Qualcomm ≫ Wcn6755 Version-

Qualcomm ≫ Wcn6650 Firmware Version-

Qualcomm ≫ Wcn6650 Version-

Qualcomm ≫ Wcd9395 Firmware Version-

Qualcomm ≫ Wcd9395 Version-

Qualcomm ≫ Wcd9390 Firmware Version-

Qualcomm ≫ Wcd9390 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9378 Firmware Version-

Qualcomm ≫ Wcd9378 Version-

Qualcomm ≫ Wcd9375 Firmware Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9371 Firmware Version-

Qualcomm ≫ Wcd9371 Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Snapdragon 8+ Gen 2 Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 8+ Gen 2 Mobile Platform Version-

Qualcomm ≫ Snapdragon 8 Gen 2 Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 8 Gen 2 Mobile Platform Version-

Qualcomm ≫ Sm8550p Firmware Version-

Qualcomm ≫ Sm8550p Version-

Qualcomm ≫ Sm7550 Firmware Version-

Qualcomm ≫ Sm7550 Version-

Qualcomm ≫ Sm7525 Firmware Version-

Qualcomm ≫ Sm7525 Version-

Qualcomm ≫ Sg8275p Firmware Version-

Qualcomm ≫ Sg8275p Version-

Qualcomm ≫ Sg8275 Firmware Version-

Qualcomm ≫ Sg8275 Version-

Qualcomm ≫ Qcs8550 Firmware Version-

Qualcomm ≫ Qcs8550 Version-

Qualcomm ≫ Qcm8550 Firmware Version-

Qualcomm ≫ Qcm8550 Version-

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800 Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.057

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-33033

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-33033

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-33033

EUVD