CVE-2024-21455

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue involves memory corruption that occurs when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. This can lead to memory corruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Untrusted Pointer Dereference

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-822CWE-119

Related Identifiers

CVE-2024-21455

Affected Products

Snapdragon

Qam8295P Firmware

Qca6584Au Firmware

Qca6595Au Firmware

Qca6688Aq Firmware

Qca6696 Firmware

Qca6698Aq Firmware

Qcm6125 Firmware

Qualcomm Video Collaboration Vc1 Platform Firmware

Sa8295P Firmware

Sa4150P Firmware

Snapdragon 680 4G Mobile Platform Firmware

Snapdragon 685 4G Mobile Platform (Sm6225-Ad) Firmware

Snapdragon Auto 5G Modem-Rf Gen 2 Firmware

Video Collaboration Vc1 Platform Firmware

Wcd9370 Firmware

Wcd9375 Firmware

Wcn3950 Firmware

Wcn3980 Firmware

Wsa8810 Firmware

Wsa8815 Firmware

CVE-2024-21455

Weakness Enumeration

Related Identifiers

Affected Products

References · 7