CVE-2024-45561

EPSS 0.03%
Veröffentlicht 03.02.2025 17:15:18
Zuletzt bearbeitet 05.02.2025 13:55:59
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Memory corruption while handling  IOCTL call from user-space to set latency level.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Aqt1000 Firmware Version-

Qualcomm ≫ Aqt1000 Version-

Qualcomm ≫ Fastconnect 6200 Firmware Version-

Qualcomm ≫ Fastconnect 6200 Version-

Qualcomm ≫ Fastconnect 6700 Firmware Version-

Qualcomm ≫ Fastconnect 6700 Version-

Qualcomm ≫ Fastconnect 6800 Firmware Version-

Qualcomm ≫ Fastconnect 6800 Version-

Qualcomm ≫ Fastconnect 6900 Firmware Version-

Qualcomm ≫ Fastconnect 6900 Version-

Qualcomm ≫ Fastconnect 7800 Firmware Version-

Qualcomm ≫ Fastconnect 7800 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6420 Firmware Version-

Qualcomm ≫ Qca6420 Version-

Qualcomm ≫ Qca6430 Firmware Version-

Qualcomm ≫ Qca6430 Version-

Qualcomm ≫ Qcc2073 Firmware Version-

Qualcomm ≫ Qcc2073 Version-

Qualcomm ≫ Qcc2076 Firmware Version-

Qualcomm ≫ Qcc2076 Version-

Qualcomm ≫ Sc8380xp Firmware Version-

Qualcomm ≫ Sc8380xp Version-

Qualcomm ≫ Sdm429w Firmware Version-

Qualcomm ≫ Sdm429w Version-

Qualcomm ≫ Snapdragon 429 Mobile Firmware Version-

Qualcomm ≫ Snapdragon 429 Mobile Version-

Qualcomm ≫ Snapdragon 7c+ Gen 3 Compute Firmware Version-

Qualcomm ≫ Snapdragon 7c+ Gen 3 Compute Version-

Qualcomm ≫ Sc8180x-ad Firmware Version-

Qualcomm ≫ Sc8180x-ad Version-

Qualcomm ≫ Sc8180x-aaab Firmware Version-

Qualcomm ≫ Sc8180x-aaab Version-

Qualcomm ≫ Sc8180x-acaf Firmware Version-

Qualcomm ≫ Sc8180x-acaf Version-

Qualcomm ≫ Sc8280xp-abbb Firmware Version-

Qualcomm ≫ Sc8280xp-abbb Version-

Qualcomm ≫ Wcd9340 Firmware Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9380 Firmware Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Firmware Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3620 Firmware Version-

Qualcomm ≫ Wcn3620 Version-

Qualcomm ≫ Wcn3660b Firmware Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Firmware Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Firmware Version-

Qualcomm ≫ Wsa8835 Version-

Qualcomm ≫ Wsa8840 Firmware Version-

Qualcomm ≫ Wsa8840 Version-

Qualcomm ≫ Wsa8845 Firmware Version-

Qualcomm ≫ Wsa8845 Version-

Qualcomm ≫ Wsa8845h Firmware Version-

Qualcomm ≫ Wsa8845h Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.059

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-126 Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-45561

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-45561

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-45561

EUVD