CVE-2024-23377

Summary

Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCM8550affected
Qualcomm, Inc.SnapdragonQCS7230affected
Qualcomm, Inc.SnapdragonQCS8250affected
Qualcomm, Inc.SnapdragonQCS8550affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC5 Platformaffected
Qualcomm, Inc.SnapdragonSD 8 Gen1 5Gaffected
Qualcomm, Inc.SnapdragonSG8275affected
Qualcomm, Inc.SnapdragonSG8275Paffected
Qualcomm, Inc.SnapdragonSM7525affected
Qualcomm, Inc.SnapdragonSM7550affected
Qualcomm, Inc.SnapdragonSM8550Paffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8+ Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon AR2 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSSG2115Paffected
Qualcomm, Inc.SnapdragonSSG2125Paffected
Qualcomm, Inc.SnapdragonSXR1230Paffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonSXR2250Paffected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9371affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9378affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCD9390affected
Qualcomm, Inc.SnapdragonWCD9395affected
Qualcomm, Inc.SnapdragonWCN6650affected
Qualcomm, Inc.SnapdragonWCN6755affected
Qualcomm, Inc.SnapdragonWCN7880affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-823: CWE-823 Use of Out-of-range Pointer Offset

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References