7.5

CVE-2024-43064

Permissions, Privileges, and Access Controls issue in Automotive OS Platform

Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommQam8255p Firmware Version-
   QualcommQam8255p Version-
QualcommQam8295p Firmware Version-
   QualcommQam8295p Version-
QualcommQam8620p Firmware Version-
   QualcommQam8620p Version-
QualcommQam8650p Firmware Version-
   QualcommQam8650p Version-
QualcommQam8775p Firmware Version-
   QualcommQam8775p Version-
QualcommQamsrv1h Firmware Version-
   QualcommQamsrv1h Version-
QualcommQamsrv1m Firmware Version-
   QualcommQamsrv1m Version-
QualcommQca6574au Firmware Version-
   QualcommQca6574au Version-
QualcommQca6595 Firmware Version-
   QualcommQca6595 Version-
QualcommQca6595au Firmware Version-
   QualcommQca6595au Version-
QualcommQca6688aq Firmware Version-
   QualcommQca6688aq Version-
QualcommQca6696 Firmware Version-
   QualcommQca6696 Version-
QualcommQca6698aq Firmware Version-
   QualcommQca6698aq Version-
QualcommSa7255p Firmware Version-
   QualcommSa7255p Version-
QualcommSa7775p Firmware Version-
   QualcommSa7775p Version-
QualcommSa8255p Firmware Version-
   QualcommSa8255p Version-
QualcommSa8295p Firmware Version-
   QualcommSa8295p Version-
QualcommSa8540p Firmware Version-
   QualcommSa8540p Version-
QualcommSa8620p Firmware Version-
   QualcommSa8620p Version-
QualcommSa8650p Firmware Version-
   QualcommSa8650p Version-
QualcommSa8770p Firmware Version-
   QualcommSa8770p Version-
QualcommSa8775p Firmware Version-
   QualcommSa8775p Version-
QualcommSa9000p Firmware Version-
   QualcommSa9000p Version-
QualcommSdm429w Firmware Version-
   QualcommSdm429w Version-
QualcommSrv1h Firmware Version-
   QualcommSrv1h Version-
QualcommSrv1l Firmware Version-
   QualcommSrv1l Version-
QualcommSrv1m Firmware Version-
   QualcommSrv1m Version-
QualcommWcn3620 Firmware Version-
   QualcommWcn3620 Version-
QualcommWcn3660b Firmware Version-
   QualcommWcn3660b Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.08% 0.004
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
product-security@qualcomm.com 7.5 0.8 6
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html
Vendor Advisory