CVE-2024-21453

Summary

Transient DOS while decoding message of size that exceeds the available system memory.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonC-V2X 9150affected
Qualcomm, Inc.SnapdragonQCS410affected
Qualcomm, Inc.SnapdragonQCS610affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC1 Platformaffected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC3 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RFaffected
Qualcomm, Inc.SnapdragonSnapdragon Auto 4G Modemaffected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References