7.8

CVE-2024-43053

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommQca2062 Firmware Version-
   QualcommQca2062 Version-
QualcommQca2064 Firmware Version-
   QualcommQca2064 Version-
QualcommQca2065 Firmware Version-
   QualcommQca2065 Version-
QualcommQca2066 Firmware Version-
   QualcommQca2066 Version-
QualcommQcc2073 Firmware Version-
   QualcommQcc2073 Version-
QualcommQcc2076 Firmware Version-
   QualcommQcc2076 Version-
QualcommSc8380xp Firmware Version-
   QualcommSc8380xp Version-
QualcommSdm429w Firmware Version-
   QualcommSdm429w Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
QualcommWcn3620 Firmware Version-
   QualcommWcn3620 Version-
QualcommWcn3660b Firmware Version-
   QualcommWcn3660b Version-
QualcommWsa8840 Firmware Version-
   QualcommWsa8840 Version-
QualcommWsa8845 Firmware Version-
   QualcommWsa8845 Version-
QualcommWsa8845h Firmware Version-
   QualcommWsa8845h Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.089
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
product-security@qualcomm.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.