CVE-2024-49837

EPSS 0.03%
Published 03.02.2025 17:15:20
Last modified 05.02.2025 16:02:51
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Memory corruption while reading CPU state data during guest VM suspend.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Qam8255p Firmware Version-

Qualcomm ≫ Qam8255p Version-

Qualcomm ≫ Qam8295p Firmware Version-

Qualcomm ≫ Qam8295p Version-

Qualcomm ≫ Qam8620p Firmware Version-

Qualcomm ≫ Qam8620p Version-

Qualcomm ≫ Qam8650p Firmware Version-

Qualcomm ≫ Qam8650p Version-

Qualcomm ≫ Qam8775p Firmware Version-

Qualcomm ≫ Qam8775p Version-

Qualcomm ≫ Qamsrv1h Firmware Version-

Qualcomm ≫ Qamsrv1h Version-

Qualcomm ≫ Qamsrv1m Firmware Version-

Qualcomm ≫ Qamsrv1m Version-

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6595 Firmware Version-

Qualcomm ≫ Qca6595 Version-

Qualcomm ≫ Qca6595au Firmware Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca6688aq Firmware Version-

Qualcomm ≫ Qca6688aq Version-

Qualcomm ≫ Qca6696 Firmware Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qca6698aq Firmware Version-

Qualcomm ≫ Qca6698aq Version-

Qualcomm ≫ Sa7255p Firmware Version-

Qualcomm ≫ Sa7255p Version-

Qualcomm ≫ Sa7775p Firmware Version-

Qualcomm ≫ Sa7775p Version-

Qualcomm ≫ Sa8255p Firmware Version-

Qualcomm ≫ Sa8255p Version-

Qualcomm ≫ Sa8295p Firmware Version-

Qualcomm ≫ Sa8295p Version-

Qualcomm ≫ Sa8540p Firmware Version-

Qualcomm ≫ Sa8540p Version-

Qualcomm ≫ Sa8620p Firmware Version-

Qualcomm ≫ Sa8620p Version-

Qualcomm ≫ Sa8650p Firmware Version-

Qualcomm ≫ Sa8650p Version-

Qualcomm ≫ Sa8770p Firmware Version-

Qualcomm ≫ Sa8770p Version-

Qualcomm ≫ Sa8775p Firmware Version-

Qualcomm ≫ Sa8775p Version-

Qualcomm ≫ Sa9000p Firmware Version-

Qualcomm ≫ Sa9000p Version-

Qualcomm ≫ Srv1h Firmware Version-

Qualcomm ≫ Srv1h Version-

Qualcomm ≫ Srv1l Firmware Version-

Qualcomm ≫ Srv1l Version-

Qualcomm ≫ Srv1m Firmware Version-

Qualcomm ≫ Srv1m Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.059

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
product-security@qualcomm.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-49837

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-49837

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-49837

EUVD