Description

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.

INFO

Published Date :

2024-11-04T10:04:53.283Z

Last Modified :

2024-11-16T04:55:25.671Z

Source :

qualcomm
AFFECTED PRODUCTS

The following products are affected by CVE-2024-38410 vulnerability.

Vendors Products
Qualcomm
  • Fastconnect 6700
  • Fastconnect 6700 Firmware
  • Fastconnect 6900
  • Fastconnect 6900 Firmware
  • Fastconnect 7800
  • Fastconnect 7800 Firmware
  • Qcc2073
  • Qcc2073 Firmware
  • Qcc2076
  • Qcc2076 Firmware
  • Qcm5430
  • Qcm5430 Firmware
  • Qcm6490
  • Qcm6490 Firmware
  • Qcs5430
  • Qcs5430 Firmware
  • Qcs6490
  • Qcs6490 Firmware
  • Qualcomm Video Collaboration Vc3 Platform Firmware
  • Sc8380xp
  • Sc8380xp Firmware
  • Sdm429w
  • Sdm429w Firmware
  • Snapdragon 429 Mobile Platform
  • Snapdragon 429 Mobile Platform Firmware
  • Snapdragon 8cx Gen 3 Compute Platform
  • Snapdragon 8cx Gen 3 Compute Platform Firmware
  • Video Collaboration Vc3 Platform
  • Video Collaboration Vc3 Platform Firmware
  • Wcd9370
  • Wcd9370 Firmware
  • Wcd9375
  • Wcd9375 Firmware
  • Wcd9380
  • Wcd9380 Firmware
  • Wcd9385
  • Wcd9385 Firmware
  • Wcn3620
  • Wcn3620 Firmware
  • Wcn3660b
  • Wcn3660b Firmware
  • Wsa8830
  • Wsa8830 Firmware
  • Wsa8835
  • Wsa8835 Firmware
  • Wsa8840
  • Wsa8840 Firmware
  • Wsa8845
  • Wsa8845 Firmware
  • Wsa8845h
  • Wsa8845h Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-38410.

URL Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact