CVE-2024-21474: Stack-based Buffer Overflow in PMIC

First published: Mon May 06 2024(Updated: )

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
Qualcomm Ar8035 Firmware
Qualcomm Ar8035
All of
Qualcomm Fastconnect 6900 Firmware
Qualcomm Fastconnect 6900
All of
Qualcomm Fastconnect 7800 Firmware
Qualcomm Fastconnect 7800
All of
Qualcomm Qam8295p Firmware
Qualcomm Qam8295p
All of
Qualcomm Qca6574au Firmware
Qualcomm Qca6574au
All of
Qualcomm Qca6595 Firmware
Qualcomm Qca6595
All of
Qualcomm Qca6696 Firmware
Qualcomm Qca6696
All of
Qualcomm Qca6698aq Firmware
Qualcomm Qca6698aq
All of
Qualcomm Qca8081 Firmware
Qualcomm Qca8081
All of
Qualcomm Qca8337 Firmware
Qualcomm Qca8337
All of
Qualcomm Sa8295p Firmware
Qualcomm Sa8295p
All of
Qualcomm Sa8530p Firmware
Qualcomm Sa8530p
All of
Qualcomm Sa8540p Firmware
Qualcomm Sa8540p
All of
Qualcomm Sa9000p Firmware
Qualcomm Sa9000p
All of
Qualcomm Sc8380xp Firmware
Qualcomm Sc8380xp
All of
Qualcomm Sc8280xp-abbb Firmware
Qualcomm Sc8280xp-abbb
All of
Qualcomm Snapdragon X65 5g Modem-rf Firmware
Qualcomm Snapdragon X65 5g Modem-rf
All of
Qualcomm Wcd9380 Firmware
Qualcomm Wcd9380
All of
Qualcomm Wcd9385 Firmware
Qualcomm Wcd9385
All of
Qualcomm Wsa8830 Firmware
Qualcomm Wsa8830
All of
Qualcomm Wsa8835 Firmware
Qualcomm Wsa8835
All of
Qualcomm Wsa8840 Firmware
Qualcomm Wsa8840
All of
Qualcomm Wsa8845 Firmware
Qualcomm Wsa8845
All of
Qualcomm Wsa8845h Firmware
Qualcomm Wsa8845h

Never miss a vulnerability like this again

Reference Links

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

agent/title
agent/references
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/weakness
agent/severity
agent/last-modified-date
agent/softwarecombine
agent/tags
vendor/qualcomm
canonical/qualcomm ar8035 firmware
canonical/qualcomm ar8035
canonical/qualcomm fastconnect 6900 firmware
canonical/qualcomm fastconnect 6900
canonical/qualcomm fastconnect 7800 firmware
canonical/qualcomm fastconnect 7800
canonical/qualcomm qam8295p firmware
canonical/qualcomm qam8295p
canonical/qualcomm qca6574au firmware
canonical/qualcomm qca6574au
canonical/qualcomm qca6595 firmware
canonical/qualcomm qca6595
canonical/qualcomm qca6696 firmware
canonical/qualcomm qca6696
canonical/qualcomm qca6698aq firmware
canonical/qualcomm qca6698aq
canonical/qualcomm qca8081 firmware
canonical/qualcomm qca8081
canonical/qualcomm qca8337 firmware
canonical/qualcomm qca8337
canonical/qualcomm sa8295p firmware
canonical/qualcomm sa8295p
canonical/qualcomm sa8530p firmware
canonical/qualcomm sa8530p
canonical/qualcomm sa8540p firmware
canonical/qualcomm sa8540p
canonical/qualcomm sa9000p firmware
canonical/qualcomm sa9000p
canonical/qualcomm sc8380xp firmware
canonical/qualcomm sc8380xp
canonical/qualcomm sc8280xp-abbb firmware
canonical/qualcomm sc8280xp-abbb
canonical/qualcomm snapdragon x65 5g modem-rf firmware
canonical/qualcomm snapdragon x65 5g modem-rf
canonical/qualcomm wcd9380 firmware
canonical/qualcomm wcd9380
canonical/qualcomm wcd9385 firmware
canonical/qualcomm wcd9385
canonical/qualcomm wsa8830 firmware
canonical/qualcomm wsa8830
canonical/qualcomm wsa8835 firmware
canonical/qualcomm wsa8835
canonical/qualcomm wsa8840 firmware
canonical/qualcomm wsa8840
canonical/qualcomm wsa8845 firmware
canonical/qualcomm wsa8845
canonical/qualcomm wsa8845h firmware
canonical/qualcomm wsa8845h

CVE-2024-21474: Stack-based Buffer Overflow in PMIC

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact