CVE-2024-23374

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
qualcommCNA
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
qualcommwsa8835_firmware
-
qualcommwsa8830_firmware
-
qualcommwcn3988_firmware
-
qualcommwcn3980_firmware
-
qualcommwcd9380_firmware
-
qualcommsw5100p_firmware
-
qualcommsw5100_firmware
-
qualcommsnapdragon_w5\+_gen_1_wearable_platform_firmware
-
qualcommsnapdragon_auto_5g_modem-rf_gen_2_firmware
-
qualcommsnapdragon_8_gen_1_mobile_platform_firmware
-
qualcommsa8195p_firmware
-
qualcommsa8155p_firmware
-
qualcommsa8150p_firmware
-
qualcommsa8145p_firmware
-
qualcommsa6155p_firmware
-
qualcommsa6150p_firmware
-
qualcommsa6145p_firmware
-
qualcommqca9377_firmware
-
qualcommqca9367_firmware
-
qualcommqca6698aq_firmware
-
qualcommqca6696_firmware
-
qualcommqca6584au_firmware
-
qualcommqca6574au_firmware
-
qualcommqca6174a_firmware
-
qualcommfastconnect_7800_firmware
-
qualcommfastconnect_6900_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html