CVE-2024-38410

EUVD-2024-37311
Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
qualcommwsa8845h_firmware
-
qualcommwsa8845_firmware
-
qualcommwsa8840_firmware
-
qualcommwsa8835_firmware
-
qualcommwsa8830_firmware
-
qualcommwcn3660b_firmware
-
qualcommwcn3620_firmware
-
qualcommwcd9385_firmware
-
qualcommwcd9380_firmware
-
qualcommwcd9375_firmware
-
qualcommwcd9370_firmware
-
qualcommsnapdragon_8cx_gen_3_compute_platform_firmware
-
qualcommsnapdragon_429_mobile_platform_firmware
-
qualcommsdm429w_firmware
-
qualcommsc8380xp_firmware
-
qualcommvideo_collaboration_vc3_platform_firmware
-
qualcommqcs6490_firmware
-
qualcommqcs5430_firmware
-
qualcommqcm6490_firmware
-
qualcommqcm5430_firmware
-
qualcommqcc2076_firmware
-
qualcommqcc2073_firmware
-
qualcommfastconnect_7800_firmware
-
qualcommfastconnect_6900_firmware
-
qualcommfastconnect_6700_firmware
-
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
qualcommfastconnect_6700_firmware
𝑥
≤ *
ADP
qualcommfastconnect_6900_firmware
𝑥
≤ *
ADP
qualcommfastconnect_7800_firmware
𝑥
≤ *
ADP
qualcommqcc2073_firmware
𝑥
≤ *
ADP
qualcommqcc2076_firmware
𝑥
≤ *
ADP
qualcommqcm5430_firmware
𝑥
≤ *
ADP
qualcommqcm6490_firmware
𝑥
≤ *
ADP
qualcommqcs5430_firmware
𝑥
≤ *
ADP
qualcommqcs6490_firmware
𝑥
≤ *
ADP
qualcommqualcomm_video_collaboration_vc3_platform_firmware
𝑥
≤ *
ADP
qualcommsc8380xp_firmware
𝑥
≤ *
ADP
qualcommsdm429w_firmware
𝑥
≤ *
ADP
qualcommsnapdragon_429_mobile_platform_firmware
𝑥
≤ *
ADP
qualcommwcd9370_firmware
𝑥
≤ *
ADP
qualcommwcd9375_firmware
𝑥
≤ *
ADP
qualcommwcd9380_firmware
𝑥
≤ *
ADP
qualcommwcd9385_firmware
𝑥
≤ *
ADP
qualcommwcn3620_firmware
𝑥
≤ *
ADP
qualcommwcn3660b_firmware
𝑥
≤ *
ADP
qualcommwsa8830_firmware
𝑥
≤ *
ADP
qualcommwsa8835_firmware
𝑥
≤ *
ADP
qualcommwsa8840_firmware
𝑥
≤ *
ADP
qualcommwsa8845_firmware
𝑥
≤ *
ADP
qualcommwsa8845h_firmware
𝑥
≤ *
ADP
Common Weakness Enumeration
References
https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html