PT-2023-9585 · Qualcomm · Qualcomm Snapdragon Auto

Published: 2023-11-28 · Updated: 2024-10-16 · CVE-2024-23376

CVSS v2.0: 6.8 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto versions prior to WSA8835

Description: Memory corruption occurs when the persist buffer command packet is sent from user space to kernel space through the IOCTL call. This can potentially allow an attacker to execute arbitrary code. The vulnerability is also described as a use-after-free issue in the Qualcomm Snapdragon Auto software.

Recommendations: For Qualcomm Snapdragon Auto versions prior to WSA8835, patch the affected systems immediately to resolve the issue. As a temporary workaround, consider restricting access to the IOCTL call to minimize the risk of exploitation.

Fix

Weakness Enumeration

Use After Free

Related Identifiers

BDU:2024-08506
CVE-2024-23376

Affected Products

Qualcomm Snapdragon Auto