CVE-2024-43060

EPSS 0.03%
Published 03.03.2025 11:15:12
Last modified 06.03.2025 16:36:34
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

Affected products Warnungen 0 Metrics 2 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Ar8035 Firmware Version-

Qualcomm ≫ Ar8035

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800

Qualcomm ≫ Qam8295p Firmware Version-

Qualcomm ≫ Qam8295p

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au

Qualcomm ≫ Qca6696 Firmware Version-

Qualcomm ≫ Qca6696

Qualcomm ≫ Qca8081 Firmware Version-

Qualcomm ≫ Qca8081

Qualcomm ≫ Qca8337 Firmware Version-

Qualcomm ≫ Qca8337

Qualcomm ≫ Qca9367 Firmware Version-

Qualcomm ≫ Qca9367

Qualcomm ≫ Qca9377 Firmware Version-

Qualcomm ≫ Qca9377

Qualcomm ≫ Qcc710 Firmware Version-

Qualcomm ≫ Qcc710

Qualcomm ≫ Qcn6224 Firmware Version-

Qualcomm ≫ Qcn6224

Qualcomm ≫ Qcn6274 Firmware Version-

Qualcomm ≫ Qcn6274

Qualcomm ≫ Qcs8550 Firmware Version-

Qualcomm ≫ Qcs8550

Qualcomm ≫ Qfw7114 Firmware Version-

Qualcomm ≫ Qfw7114

Qualcomm ≫ Qfw7124 Firmware Version-

Qualcomm ≫ Qfw7124

Qualcomm ≫ Sa6145p Firmware Version-

Qualcomm ≫ Sa6145p

Qualcomm ≫ Sa6150p Firmware Version-

Qualcomm ≫ Sa6150p

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p

Qualcomm ≫ Sa8145p Firmware Version-

Qualcomm ≫ Sa8145p

Qualcomm ≫ Sa8150p Firmware Version-

Qualcomm ≫ Sa8150p

Qualcomm ≫ Sa8155p Firmware Version-

Qualcomm ≫ Sa8155p

Qualcomm ≫ Sa8195p Firmware Version-

Qualcomm ≫ Sa8195p

Qualcomm ≫ Sa8295p Firmware Version-

Qualcomm ≫ Sa8295p

Qualcomm ≫ Sa8530p Firmware Version-

Qualcomm ≫ Sa8530p

Qualcomm ≫ Sa8540p Firmware Version-

Qualcomm ≫ Sa8540p

Qualcomm ≫ Sa9000p Firmware Version-

Qualcomm ≫ Sa9000p

Qualcomm ≫ Sdm429w Firmware Version-

Qualcomm ≫ Sdm429w

Qualcomm ≫ Snapdragon 429 Firmware Version-

Qualcomm ≫ Snapdragon 429

Qualcomm ≫ Snapdragon X72 5g Firmware Version-

Qualcomm ≫ Snapdragon X72 5g

Qualcomm ≫ Snapdragon X75 5g Firmware Version-

Qualcomm ≫ Snapdragon X75 5g

Qualcomm ≫ Sxr2230p Firmware Version-

Qualcomm ≫ Sxr2230p

Qualcomm ≫ Sxr2250p Firmware Version-

Qualcomm ≫ Sxr2250p

Qualcomm ≫ Wcd9340 Firmware Version-

Qualcomm ≫ Wcd9340

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385

Qualcomm ≫ Wcn3620 Firmware Version-

Qualcomm ≫ Wcn3620

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830

Qualcomm ≫ Wsa8832 Firmware Version-

Qualcomm ≫ Wsa8832

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.061

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-823 Use of Out-of-range Pointer Offset

The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-43060

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-43060

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-43060

EUVD