CVE-2024-38399

EPSS 0.04%
Published 07.10.2024 13:15:14
Last modified 16.10.2024 18:17:09
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption while processing user packets to generate page faults.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wcn3950 Firmware Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9375 Firmware Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Srv1m Firmware Version-

Qualcomm ≫ Srv1m Version-

Qualcomm ≫ Srv1h Firmware Version-

Qualcomm ≫ Srv1h Version-

Qualcomm ≫ Snapdragon 8 Gen 1 Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 8 Gen 1 Mobile Platform Version-

Qualcomm ≫ Snapdragon 685 4g Mobile Platform (sm6225-ad) Firmware Version-

Qualcomm ≫ Snapdragon 685 4g Mobile Platform (sm6225-ad) Version-

Qualcomm ≫ Snapdragon 680 4g Mobile Platform Firmware Version-

Qualcomm ≫ Snapdragon 680 4g Mobile Platform Version-

Qualcomm ≫ Sg4150p Firmware Version-

Qualcomm ≫ Sg4150p Version-

Qualcomm ≫ Sa9000p Firmware Version-

Qualcomm ≫ Sa9000p Version-

Qualcomm ≫ Sa8775p Firmware Version-

Qualcomm ≫ Sa8775p Version-

Qualcomm ≫ Sa8770p Firmware Version-

Qualcomm ≫ Sa8770p Version-

Qualcomm ≫ Sa8650p Firmware Version-

Qualcomm ≫ Sa8650p Version-

Qualcomm ≫ Sa8620p Firmware Version-

Qualcomm ≫ Sa8620p Version-

Qualcomm ≫ Sa8295p Firmware Version-

Qualcomm ≫ Sa8295p Version-

Qualcomm ≫ Sa8255p Firmware Version-

Qualcomm ≫ Sa8255p Version-

Qualcomm ≫ Sa8195p Firmware Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sa8155p Firmware Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa7775p Firmware Version-

Qualcomm ≫ Sa7775p Version-

Qualcomm ≫ Sa7255p Firmware Version-

Qualcomm ≫ Sa7255p Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Qca6797aq Firmware Version-

Qualcomm ≫ Qca6797aq Version-

Qualcomm ≫ Qca6698aq Firmware Version-

Qualcomm ≫ Qca6698aq Version-

Qualcomm ≫ Qca6696 Firmware Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qca6688aq Firmware Version-

Qualcomm ≫ Qca6688aq Version-

Qualcomm ≫ Qca6595au Firmware Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca6595 Firmware Version-

Qualcomm ≫ Qca6595 Version-

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qamsrv1m Firmware Version-

Qualcomm ≫ Qamsrv1m Version-

Qualcomm ≫ Qamsrv1h Firmware Version-

Qualcomm ≫ Qamsrv1h Version-

Qualcomm ≫ Qam8775p Firmware Version-

Qualcomm ≫ Qam8775p Version-

Qualcomm ≫ Qam8650p Firmware Version-

Qualcomm ≫ Qam8650p Version-

Qualcomm ≫ Qam8295p Firmware Version-

Qualcomm ≫ Qam8295p Version-

Qualcomm ≫ Qam8255p Firmware Version-

Qualcomm ≫ Qam8255p Version-

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800 Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.081

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-38399

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-38399

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-38399

EUVD