CVE-2024-43055

EPSS 0.02%
Published 03.03.2025 11:15:11
Last modified 03.03.2025 11:15:11
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption while processing camera use case IOCTL call.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800

Qualcomm ≫ Sdm429w Firmware Version-

Qualcomm ≫ Sdm429w

Qualcomm ≫ Snapdragon 429 Firmware Version-

Qualcomm ≫ Snapdragon 429

Qualcomm ≫ Snapdragon 8 Gen 1 Firmware Version-

Qualcomm ≫ Snapdragon 8 Gen 1

Qualcomm ≫ Sxr2230p Firmware Version-

Qualcomm ≫ Sxr2230p

Qualcomm ≫ Sxr2250p Firmware Version-

Qualcomm ≫ Sxr2250p

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385

Qualcomm ≫ Wcn3620 Firmware Version-

Qualcomm ≫ Wcn3620

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830

Qualcomm ≫ Wsa8832 Firmware Version-

Qualcomm ≫ Wsa8832

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.046

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-43055

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-43055

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-43055

EUVD