PT-2025-2870 · Qualcomm · Snapdragon+9

Published

2025-02-03

Updated

2025-02-03

CVE-2024-49840

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue involves memory corruption when invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality. This can occur when the system attempts to validate the encryption or decryption functionality from the user space, leading to memory corruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-823CWE-119

Related Identifiers

BDU:2025-05524

CVE-2024-49840

Affected Products

Snapdragon

Fastconnect 6900 Firmware

Fastconnect 7800 Firmware

Qcc2073 Firmware

Qcc2076 Firmware

Sc8380Xp Firmware

Wcd9380 Firmware

Wcd9385 Firmware

Wsa8840 Firmware

Wsa8845 Firmware

PT-2025-2870 · Qualcomm · Snapdragon+9

CVE-2024-49840

Weakness Enumeration

Related Identifiers

Affected Products

References · 5