CVE-2024-21474

Summary

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8035affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQAM8295Paffected
Qualcomm, Inc.SnapdragonQCA6574AUaffected
Qualcomm, Inc.SnapdragonQCA6595affected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA8081affected
Qualcomm, Inc.SnapdragonQCA8337affected
Qualcomm, Inc.SnapdragonSA8295Paffected
Qualcomm, Inc.SnapdragonSA8530Paffected
Qualcomm, Inc.SnapdragonSA8540Paffected
Qualcomm, Inc.SnapdragonSA9000Paffected
Qualcomm, Inc.SnapdragonSC8380XPaffected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)affected
Qualcomm, Inc.SnapdragonSnapdragon X65 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References