CVE-2024-33030

Summary

Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAR8035affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQCA6584AUaffected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCA8081affected
Qualcomm, Inc.SnapdragonQCA8337affected
Qualcomm, Inc.SnapdragonQCA9367affected
Qualcomm, Inc.SnapdragonQCA9377affected
Qualcomm, Inc.SnapdragonQCC710affected
Qualcomm, Inc.SnapdragonQCN6224affected
Qualcomm, Inc.SnapdragonQCN6274affected
Qualcomm, Inc.SnapdragonQFW7114affected
Qualcomm, Inc.SnapdragonQFW7124affected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon Auto 5G Modem-RF Gen 2affected
Qualcomm, Inc.SnapdragonSnapdragon X72 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonSnapdragon X75 5G Modem-RF Systemaffected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References