What is the severity of CVE-2024-21456?

CVE-2024-21456 has been categorized with a medium severity rating due to information disclosure vulnerabilities when parsing beacon frames.

How do I fix CVE-2024-21456?

To remediate CVE-2024-21456, it is recommended to update the affected firmware to the latest version provided by Qualcomm.

Which devices are affected by CVE-2024-21456?

CVE-2024-21456 affects multiple Qualcomm firmware versions including Ar8035, Fastconnect 7800, and several others.

What types of information could be disclosed due to CVE-2024-21456?

Vulnerabilities in CVE-2024-21456 may allow attackers to obtain sensitive information from the beacon frame parsing process.

Is there a workaround for CVE-2024-21456?

Currently, the recommended approach for CVE-2024-21456 is to apply the necessary firmware updates rather than relying on workarounds.

Vulnerability/
CVE-2024-21456

critical

9.1

CWE

126 125

1/7/2024

21/8/2024

CVE-2024-21456: Buffer Over-read in WLAN HOST

First published: Mon Jul 01 2024(Updated: )

Information Disclosure while parsing beacon frame in STA.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
Qualcomm AR8035 Firmware
Qualcomm AR8035 Firmware
All of
Qualcomm FastConnect 7800 Firmware
Qualcomm Fastconnect 7800 Firmware
All of
Qualcomm QAM8255P
Qualcomm QAM8255P Firmware
All of
Qualcomm QAM8620P
Qualcomm QAM8620P Firmware
All of
Qualcomm QAM8650P Firmware
Qualcomm QAM8650P Firmware
All of
Qualcomm QAM8775P
Qualcomm QAM8775P Firmware
All of
Qualcomm SRV1H Firmware
Qualcomm QAMSRV1H Firmware
All of
Qualcomm QAMSRV1M Firmware
Qualcomm QAMSRV1M Firmware
All of
qualcomm qca6554a firmware
qualcomm qca6554a firmware
All of
Qualcomm QCA6564AU Firmware
Qualcomm QCA6564A
All of
Qualcomm QCA6574 Firmware
Qualcomm QCA6574 Firmware
All of
Qualcomm QCA6574A Firmware
qualcomm qca6574a firmware
All of
Qualcomm QCA6574 Firmware
Qualcomm QCA6574AU
All of
Qualcomm QCA6584AU Firmware
Qualcomm QCA6584AU firmware
All of
Qualcomm QCA6595AU Firmware
Qualcomm QCA6595AU Firmware
All of
Qualcomm QCA6595AU Firmware
Qualcomm QCA6595AU Firmware
All of
Qualcomm QCA6678AQ Firmware
Qualcomm QCA6678AQ Firmware
All of
Qualcomm QCA6696 Firmware
Qualcomm QCA6696 Firmware
All of
Qualcomm QCA6698AQ
Qualcomm QCA6698AQ Firmware
All of
Qualcomm QCA8081 firmware
Qualcomm QCA8081 firmware
All of
Qualcomm QCA8337 Firmware
Qualcomm QCA8337 Firmware
All of
Qualcomm QCC2073 Firmware
Qualcomm QCC2073 Firmware
All of
Qualcomm Qcc2076 Firmware
Qualcomm Qcc2076 Firmware
All of
Qualcomm QCC710
Qualcomm QCC710
All of
Qualcomm QCN6224 Firmware
Qualcomm QCN6224 Firmware
All of
Qualcomm QCN6274 Firmware
Qualcomm QCN6274 Firmware
All of
Qualcomm QFW7114 Firmware
Qualcomm QFW7114 Firmware
All of
Qualcomm QFW7124
Qualcomm QFW7124
All of
Qualcomm SA7255P
qualcomm sa7255p firmware
All of
Qualcomm SA7775P Firmware
Qualcomm SA7775P Firmware
All of
Qualcomm SA8255P Firmware
Qualcomm SA8255P Firmware
All of
Qualcomm SA8650P
Qualcomm SA8650P
All of
Qualcomm SA8770P Firmware
qualcomm sa8770p firmware
All of
Qualcomm SA8775P
Qualcomm SA8775P
All of
Qualcomm SA9000P Firmware
Qualcomm SA9000P Firmware
All of
Qualcomm Snapdragon Auto 5G-RF Gen 2 Firmware
Qualcomm Snapdragon Auto 5G Modem-RF
All of
Qualcomm Snapdragon X72 5G-RF System Firmware
Qualcomm Snapdragon X72 5G Modem-RF
All of
Qualcomm Snapdragon X75 5G Modem-RF System Firmware
Qualcomm Snapdragon X75 5G Modem-RF
All of
Qualcomm SRV1H
Qualcomm SRV1H Firmware
All of
Qualcomm SRV1L Firmware
Qualcomm SRV1L Firmware
All of
Qualcomm SRV1M
Qualcomm SRV1M Firmware
All of
Qualcomm WCD9340 Firmware
Qualcomm WCD9340 Firmware

Remedy

https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html

Never miss a vulnerability like this again

Reference Links

https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html

Frequently Asked Questions

What is the severity of CVE-2024-21456?
CVE-2024-21456 has been categorized with a medium severity rating due to information disclosure vulnerabilities when parsing beacon frames.
How do I fix CVE-2024-21456?
To remediate CVE-2024-21456, it is recommended to update the affected firmware to the latest version provided by Qualcomm.
Which devices are affected by CVE-2024-21456?
CVE-2024-21456 affects multiple Qualcomm firmware versions including Ar8035, Fastconnect 7800, and several others.
What types of information could be disclosed due to CVE-2024-21456?
Vulnerabilities in CVE-2024-21456 may allow attackers to obtain sensitive information from the beacon frame parsing process.
Is there a workaround for CVE-2024-21456?
Currently, the recommended approach for CVE-2024-21456 is to apply the necessary firmware updates rather than relying on workarounds.

agent/title
agent/references
agent/first-publish-date
agent/description
agent/type
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/weakness
agent/last-modified-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/qualcomm
canonical/qualcomm ar8035 firmware
canonical/qualcomm fastconnect 7800 firmware
canonical/qualcomm qam8255p
canonical/qualcomm qam8255p firmware
canonical/qualcomm qam8620p
canonical/qualcomm qam8620p firmware
canonical/qualcomm qam8650p firmware
canonical/qualcomm qam8775p
canonical/qualcomm qam8775p firmware
canonical/qualcomm srv1h firmware
canonical/qualcomm qamsrv1h firmware
canonical/qualcomm qamsrv1m firmware
canonical/qualcomm qca6554a firmware
canonical/qualcomm qca6564au firmware
canonical/qualcomm qca6564a
canonical/qualcomm qca6574 firmware
canonical/qualcomm qca6574a firmware
canonical/qualcomm qca6574au
canonical/qualcomm qca6584au firmware
canonical/qualcomm qca6595au firmware
canonical/qualcomm qca6678aq firmware
canonical/qualcomm qca6696 firmware
canonical/qualcomm qca6698aq
canonical/qualcomm qca6698aq firmware
canonical/qualcomm qca8081 firmware
canonical/qualcomm qca8337 firmware
canonical/qualcomm qcc2073 firmware
canonical/qualcomm qcc2076 firmware
canonical/qualcomm qcc710
canonical/qualcomm qcn6224 firmware
canonical/qualcomm qcn6274 firmware
canonical/qualcomm qfw7114 firmware
canonical/qualcomm qfw7124
canonical/qualcomm sa7255p
canonical/qualcomm sa7255p firmware
canonical/qualcomm sa7775p firmware
canonical/qualcomm sa8255p firmware
canonical/qualcomm sa8650p
canonical/qualcomm sa8770p firmware
canonical/qualcomm sa8775p
canonical/qualcomm sa9000p firmware
canonical/qualcomm snapdragon auto 5g-rf gen 2 firmware
canonical/qualcomm snapdragon auto 5g modem-rf
canonical/qualcomm snapdragon x72 5g-rf system firmware
canonical/qualcomm snapdragon x72 5g modem-rf
canonical/qualcomm snapdragon x75 5g modem-rf system firmware
canonical/qualcomm snapdragon x75 5g modem-rf
canonical/qualcomm srv1h
canonical/qualcomm srv1l firmware
canonical/qualcomm srv1m
canonical/qualcomm srv1m firmware
canonical/qualcomm wcd9340 firmware