PT-2024-25088 · Unknown · Adsp Btfm Client
Published
2024-09-02
·
Updated
2024-09-04
·
CVE-2024-33045
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ADSP BTFM client (affected versions not specified)
Description
The issue is related to memory corruption that occurs when the BTFM client sends new messages over Slimbus to the ADSP. This happens due to the improper handling of a local completion variable called
done in the functions qcom slim ngd xfer msg and qcom slim ngd xfer msg sync, which is accessed beyond the scope of these functions.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Adsp Btfm Client