CVE-2024-53019

Summary

Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6700affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQCA6310affected
Qualcomm, Inc.SnapdragonQCA6320affected
Qualcomm, Inc.SnapdragonQCA6696affected
Qualcomm, Inc.SnapdragonQCM4490affected
Qualcomm, Inc.SnapdragonQCS4490affected
Qualcomm, Inc.SnapdragonQMP1000affected
Qualcomm, Inc.SnapdragonSA4150Paffected
Qualcomm, Inc.SnapdragonSA4155Paffected
Qualcomm, Inc.SnapdragonSA6155Paffected
Qualcomm, Inc.SnapdragonSA8155Paffected
Qualcomm, Inc.SnapdragonSA8195Paffected
Qualcomm, Inc.SnapdragonSD 8 Gen1 5Gaffected
Qualcomm, Inc.SnapdragonSD835affected
Qualcomm, Inc.SnapdragonSDM429Waffected
Qualcomm, Inc.SnapdragonSM4635affected
Qualcomm, Inc.SnapdragonSM6650affected
Qualcomm, Inc.SnapdragonSM6650Paffected
Qualcomm, Inc.SnapdragonSM7635affected
Qualcomm, Inc.SnapdragonSM7675affected
Qualcomm, Inc.SnapdragonSM7675Paffected
Qualcomm, Inc.SnapdragonSM8550Paffected
Qualcomm, Inc.SnapdragonSM8635affected
Qualcomm, Inc.SnapdragonSM8635Paffected
Qualcomm, Inc.SnapdragonSM8650Qaffected
Qualcomm, Inc.SnapdragonSM8735affected
Qualcomm, Inc.SnapdragonSM8750affected
Qualcomm, Inc.SnapdragonSM8750Paffected
Qualcomm, Inc.SnapdragonSnapdragon 4 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 4 Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 429 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 480+ 5G Mobile Platform (SM4350-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 695 5G Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8 Gen 3 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8+ Gen 1 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 8+ Gen 2 Mobile Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon 835 Mobile PC Platformaffected
Qualcomm, Inc.SnapdragonSnapdragon W5+ Gen 1 Wearable Platformaffected
Qualcomm, Inc.SnapdragonSW5100affected
Qualcomm, Inc.SnapdragonSW5100Paffected
Qualcomm, Inc.SnapdragonTalynPlusaffected
Qualcomm, Inc.SnapdragonWCD9335affected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9378affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWCD9390affected
Qualcomm, Inc.SnapdragonWCD9395affected
Qualcomm, Inc.SnapdragonWCN3620affected
Qualcomm, Inc.SnapdragonWCN3660Baffected
Qualcomm, Inc.SnapdragonWCN3680Baffected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN3980affected
Qualcomm, Inc.SnapdragonWCN3988affected
Qualcomm, Inc.SnapdragonWCN3990affected
Qualcomm, Inc.SnapdragonWCN6450affected
Qualcomm, Inc.SnapdragonWCN6650affected
Qualcomm, Inc.SnapdragonWCN6740affected
Qualcomm, Inc.SnapdragonWCN6755affected
Qualcomm, Inc.SnapdragonWCN7750affected
Qualcomm, Inc.SnapdragonWCN7860affected
Qualcomm, Inc.SnapdragonWCN7861affected
Qualcomm, Inc.SnapdragonWCN7880affected
Qualcomm, Inc.SnapdragonWCN7881affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8832affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References