CVE-2024-45580

Summary

Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQMP1000affected
Qualcomm, Inc.SnapdragonSDM429Waffected
Qualcomm, Inc.SnapdragonSM8735affected
Qualcomm, Inc.SnapdragonSM8750affected
Qualcomm, Inc.SnapdragonSM8750Paffected
Qualcomm, Inc.SnapdragonSnapdragon 429 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 3 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon AR1 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon AR1 Gen 1 Platform "Luna1"affected
Qualcomm, Inc.SnapdragonSnapdragon AR2 Gen 1 Platformaffected
Qualcomm, Inc.SnapdragonSSG2115Paffected
Qualcomm, Inc.SnapdragonSSG2125Paffected
Qualcomm, Inc.SnapdragonSXR1230Paffected
Qualcomm, Inc.SnapdragonSXR2230Paffected
Qualcomm, Inc.SnapdragonSXR2250Paffected
Qualcomm, Inc.SnapdragonSXR2330Paffected
Qualcomm, Inc.SnapdragonWCD9378affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCD9390affected
Qualcomm, Inc.SnapdragonWCD9395affected
Qualcomm, Inc.SnapdragonWCN3620affected
Qualcomm, Inc.SnapdragonWCN3660Baffected
Qualcomm, Inc.SnapdragonWCN3680Baffected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN7750affected
Qualcomm, Inc.SnapdragonWCN7860affected
Qualcomm, Inc.SnapdragonWCN7861affected
Qualcomm, Inc.SnapdragonWCN7880affected
Qualcomm, Inc.SnapdragonWCN7881affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References