7.8
CVE-2024-43062
- EPSS 0.03%
- Published 03.03.2025 11:15:12
- Last modified 06.03.2025 16:36:34
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Fastconnect 6900 Firmware Version-
Qualcomm ≫ Fastconnect 7800 Firmware Version-
Qualcomm ≫ Sdm429w Firmware Version-
Qualcomm ≫ Snapdragon 429 Firmware Version-
Qualcomm ≫ Snapdragon 8 Gen 1 Firmware Version-
Qualcomm ≫ Sxr2230p Firmware Version-
Qualcomm ≫ Sxr2250p Firmware Version-
Qualcomm ≫ Wcd9380 Firmware Version-
Qualcomm ≫ Wcd9385 Firmware Version-
Qualcomm ≫ Wcn3620 Firmware Version-
Qualcomm ≫ Wcn3660b Firmware Version-
Qualcomm ≫ Wsa8830 Firmware Version-
Qualcomm ≫ Wsa8832 Firmware Version-
Qualcomm ≫ Wsa8835 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.061 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| product-security@qualcomm.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.