CVE-2024-21482
6.8
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Memory corruption during the secure boot process, when the bootm command is used, it bypasses the authentication of the kernel/rootfs image.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | CSR8811 | affected |
| Qualcomm, Inc. | Snapdragon | Immersive Home 214 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Immersive Home 216 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Immersive Home 316 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Immersive Home 318 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Immersive Home 3210 Platform | affected |
| Qualcomm, Inc. | Snapdragon | Immersive Home 326 Platform | affected |
| Qualcomm, Inc. | Snapdragon | IPQ5010 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ5028 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ5302 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ5312 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ5332 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ6000 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ6010 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ6018 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ6028 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8070A | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8071A | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8072A | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8074A | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8076 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8076A | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8078 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8078A | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8173 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ8174 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ9008 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ9554 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ9570 | affected |
| Qualcomm, Inc. | Snapdragon | IPQ9574 | affected |
| Qualcomm, Inc. | Snapdragon | QCA4024 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8075 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8081 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8082 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8084 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8085 | affected |
| Qualcomm, Inc. | Snapdragon | QCA8386 | affected |
| Qualcomm, Inc. | Snapdragon | QCA9888 | affected |
| Qualcomm, Inc. | Snapdragon | QCA9889 | affected |
| Qualcomm, Inc. | Snapdragon | QCF8000 | affected |
| Qualcomm, Inc. | Snapdragon | QCF8001 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5022 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5024 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5052 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5122 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5124 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5152 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5154 | affected |
| Qualcomm, Inc. | Snapdragon | QCN5164 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6023 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6024 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6112 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6122 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6132 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6402 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6412 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6422 | affected |
| Qualcomm, Inc. | Snapdragon | QCN6432 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9000 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9022 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9024 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9070 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9072 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9074 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9100 | affected |
| Qualcomm, Inc. | Snapdragon | QCN9274 | affected |
| Qualcomm, Inc. | Snapdragon | SDX55 | affected |
| Qualcomm, Inc. | Snapdragon | SDX65M | affected |
| Qualcomm, Inc. | Snapdragon | Snapdragon X65 5G Modem-RF System | affected |
Weaknesses
- CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.