CVE-2024-45578

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions The product name cannot be determined.

Description The issue involves memory corruption that occurs during the acquisition and update of IOCTLs, specifically when validating the output resource ID for IFE. This corruption happens due to improper handling of memory during these operations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

CVE-2024-45578

Affected Products

Snapdragon

Fastconnect 6900 Firmware

Fastconnect 7800 Firmware

Sdm429W Firmware

Snapdragon 429 Mobile Firmware

Snapdragon 8 Gen 1 Mobile Firmware

Sxr2230P Firmware

Sxr2250P Firmware

Wcd9380 Firmware

Wcd9385 Firmware

Wcn3620 Firmware

Wcn3660B Firmware

Wsa8830 Firmware

Wsa8832 Firmware

Wsa8835 Firmware

CVE-2024-45578

Weakness Enumeration

Related Identifiers

Affected Products

References · 4