CVE-2024-21478

transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html	Patch Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8650p:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8775p:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*

History

27 Jan 2025, 18:53

Type	Values Removed	Values Added
CWE		CWE-476
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html - Patch, Vendor Advisory
CPE		cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::* cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8770p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8650p:-:::::::* cpe:2.3:o:qualcomm:srv1m_firmware:-:::::::* cpe:2.3:h:qualcomm:srv1h:-:::::::* cpe:2.3:h:qualcomm:srv1m:-:::::::* cpe:2.3:o:qualcomm:qam8650p_firmware:-:::::::* cpe:2.3:h:qualcomm:qamsrv1m:-:::::::* cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8775p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8255p:-:::::::* cpe:2.3:h:qualcomm:qam8775p:-:::::::* cpe:2.3:h:qualcomm:qamsrv1h:-:::::::* cpe:2.3:h:qualcomm:qam8255p:-:::::::* cpe:2.3:o:qualcomm:srv1h_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8775p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8770p:-:::::::* cpe:2.3:h:qualcomm:sa8650p:-:::::::* cpe:2.3:o:qualcomm:sa8255p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8650p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa9000p:-:::::::* cpe:2.3:h:qualcomm:sa8775p:-:::::::* cpe:2.3:o:qualcomm:qam8255p_firmware:-:::::::*
First Time		Qualcomm sa8255p Firmware Qualcomm qam8775p Firmware Qualcomm srv1m Qualcomm sa9000p Firmware Qualcomm qam8775p Qualcomm qam8255p Qualcomm sa8770p Qualcomm sa8775p Qualcomm sa8650p Qualcomm qam8255p Firmware Qualcomm qamsrv1h Qualcomm qamsrv1h Firmware Qualcomm srv1h Qualcomm sa8770p Firmware Qualcomm qamsrv1m Firmware Qualcomm qamsrv1m Qualcomm sa8650p Firmware Qualcomm sa8255p Qualcomm Qualcomm sa9000p Qualcomm sa8775p Firmware Qualcomm srv1m Firmware Qualcomm srv1h Firmware Qualcomm qam8650p Firmware Qualcomm qam8650p

21 Nov 2024, 08:54

Type	Values Removed	Values Added
Summary		(es) DOS transitorio al configurar una devolución de llamada de valla para liberar un objeto de entrada de memoria KGSL durante DMA.
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html -

03 Jun 2024, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-03 10:15

Updated : 2025-01-27 18:53

NVD link : CVE-2024-21478

Mitre link : CVE-2024-21478

CVE.ORG link : CVE-2024-21478

JSON object : View

Products Affected

qualcomm

qam8775p
qam8255p
srv1h
sa8770p_firmware
sa8255p
qamsrv1h
srv1h_firmware
qam8775p_firmware
qamsrv1m
qam8650p_firmware
sa9000p
srv1m
qamsrv1h_firmware
sa8775p
sa8775p_firmware
qam8255p_firmware
sa9000p_firmware
sa8650p
qamsrv1m_firmware
srv1m_firmware
sa8770p
qam8650p
sa8650p_firmware
sa8255p_firmware

CWE

CWE-704

Incorrect Type Conversion or Cast

CWE-476

NULL Pointer Dereference

{"id": "CVE-2024-21478", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "product-security@qualcomm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-06-03T10:15:11.907", "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html", "tags": ["Patch", "Vendor Advisory"], "source": "product-security@qualcomm.com"}, {"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "product-security@qualcomm.com", "description": [{"lang": "en", "value": "CWE-704"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA."}, {"lang": "es", "value": "DOS transitorio al configurar una devoluci\u00f3n de llamada de valla para liberar un objeto de entrada de memoria KGSL durante DMA."}], "lastModified": "2025-01-27T18:53:05.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3723C7B1-A7E2-401F-8D6D-189350F6BCA5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B12B89EF-7B12-481E-BCBC-F12B9D16321A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "295E75BD-2A6C-4A76-A376-A9977DDB17FF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD37AA1A-B911-45BF-9BCC-C772FA83E657"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49B2DF91-BE6B-4E9E-B63C-98DADD29AD6B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58170126-928F-4AE5-B5AF-5ED4710F9BA2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8673334-5E11-4E95-B33D-3029499F71DF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E646738-6A87-4470-9640-6A5A1DF3AF78"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC6E268D-C4AF-4950-9223-39EA36D538A8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0E807AA-5646-48AD-9A5C-B0B13E222AA9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8650p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "45FBB72B-B850-4E3F-ACBB-9392157FF131"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "781CCC31-C08F-499B-BE73-6C7DB70437AF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75AFAA21-0589-4C6A-9418-34EE8A61BBAD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C79595B-1259-4431-96F9-C5A24E624305"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa8775p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F2F3431-9CD7-4D4F-833D-DD4D3ACF94C7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2A8AB7C-5D34-4794-8C06-2193075B323F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CD199F5-DA68-4BEB-AA99-11572DA26B4F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4B29E7F-8BFE-466A-B357-63F8A2160C4E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6D55CC7D-2E65-4CA9-9892-B6FBCC087E6F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}

6.2 /10