PT-2024-19847 · Qualcomm · Snapdragon+10
Published
2024-10-07
·
Updated
2024-10-16
·
CVE-2024-23370
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
No specific software or versions are mentioned in the provided descriptions.
Description
The issue involves memory corruption that occurs when one process invokes IOCTL calls from user-space to create a HAB virtual channel, and another process invokes IOCTL calls to destroy the same channel. This conflict leads to memory corruption.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Snapdragon
Qca6584Au Firmware
Qca6698Aq Firmware
Qca9367 Firmware
Qca9377 Firmware
Snapdragon Auto 5G Modem-Rf Gen 2 Firmware
Sw5100P Firmware
Wcn3980 Firmware
Wcn3988 Firmware
Wsa8830 Firmware
Wsa8835 Firmware