CVE-2024-21455

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc1_platform:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\):-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6688aq:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*

History

16 Oct 2024, 20:30

Type	Values Removed	Values Added
Summary		(es) Corrupción de memoria cuando una llamada IOCTL de compatibilidad es seguida por otra llamada IOCTL desde el espacio de usuario a un controlador.
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html - Vendor Advisory
CWE		CWE-119
CPE		cpe:2.3:h:qualcomm:qam8295p:-:::::::* cpe:2.3:o:qualcomm:sa8295p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8295p:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:o:qualcomm:qam8295p_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\):-:::::::* cpe:2.3:o:qualcomm:qca6595_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6688aq_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::* cpe:2.3:o:qualcomm:qcm6125_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6584au:-:::::::* cpe:2.3:o:qualcomm:qcs6125_firmware:-:::::::* cpe:2.3:h:qualcomm:qcs6125:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3950:-:::::::* cpe:2.3:h:qualcomm:qca6688aq:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:h:qualcomm:wcd9375:-:::::::* cpe:2.3:h:qualcomm:qca6595:-:::::::* cpe:2.3:o:qualcomm:sg4150p_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:wcn3950_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6584au_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:::::::* cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc1_platform:-:::::::* cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware:-:::::::* cpe:2.3:h:qualcomm:sg4150p:-:::::::* cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:::::::* cpe:2.3:h:qualcomm:qcm6125:-:::::::*
First Time		Qualcomm qca6595 Firmware Qualcomm wcn3980 Firmware Qualcomm wcn3950 Firmware Qualcomm qca6698aq Firmware Qualcomm sg4150p Qualcomm qcm6125 Firmware Qualcomm snapdragon 685 4g Mobile Platform \(sm6225-ad\) Qualcomm snapdragon 680 4g Mobile Platform Qualcomm qca6696 Qualcomm qca6595 Qualcomm sa8295p Qualcomm wcn3950 Qualcomm snapdragon Auto 5g Modem-rf Gen 2 Firmware Qualcomm qualcomm Video Collaboration Vc1 Platform Firmware Qualcomm qam8295p Firmware Qualcomm snapdragon 685 4g Mobile Platform \(sm6225-ad\) Firmware Qualcomm qca6688aq Firmware Qualcomm snapdragon Auto 5g Modem-rf Gen 2 Qualcomm wcd9375 Firmware Qualcomm sg4150p Firmware Qualcomm wsa8815 Qualcomm wsa8810 Firmware Qualcomm wsa8810 Qualcomm qca6584au Firmware Qualcomm wcd9370 Firmware Qualcomm wcd9375 Qualcomm qcs6125 Qualcomm qca6696 Firmware Qualcomm qam8295p Qualcomm sa8295p Firmware Qualcomm qcm6125 Qualcomm qca6584au Qualcomm qualcomm Video Collaboration Vc1 Platform Qualcomm snapdragon 680 4g Mobile Platform Firmware Qualcomm Qualcomm wcd9370 Qualcomm wsa8815 Firmware Qualcomm wcn3980 Qualcomm qca6698aq Qualcomm qca6688aq Qualcomm qcs6125 Firmware

07 Oct 2024, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-07 13:15

Updated : 2024-10-16 20:30

NVD link : CVE-2024-21455

Mitre link : CVE-2024-21455

CVE.ORG link : CVE-2024-21455

JSON object : View

Products Affected

qualcomm

qcm6125_firmware
qualcomm_video_collaboration_vc1_platform_firmware
sa8295p_firmware
qualcomm_video_collaboration_vc1_platform
snapdragon_685_4g_mobile_platform_\(sm6225-ad\)
wsa8815_firmware
qca6584au
qca6696
qca6584au_firmware
qca6688aq_firmware
qca6698aq
wcd9370_firmware
wsa8810
wcn3980
wsa8810_firmware
wsa8815
wcd9375_firmware
snapdragon_auto_5g_modem-rf_gen_2_firmware
qca6595_firmware
qca6595
snapdragon_680_4g_mobile_platform_firmware
sa8295p
qam8295p_firmware
sg4150p_firmware
qca6696_firmware
wcd9370
qca6698aq_firmware
qcm6125
wcd9375
wcn3950_firmware
wcn3950
wcn3980_firmware
snapdragon_680_4g_mobile_platform
sg4150p
snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware
snapdragon_auto_5g_modem-rf_gen_2
qcs6125_firmware
qca6688aq
qam8295p
qcs6125

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-822

Untrusted Pointer Dereference

7.8 /10