What is the severity of CVE-2024-21474?

CVE-2024-21474 has a critical severity due to its potential to cause memory corruption.

How do I fix CVE-2024-21474?

To fix CVE-2024-21474, ensure proper validation and re-initialization of buffers before use.

What software is affected by CVE-2024-21474?

CVE-2024-21474 affects various Qualcomm firmware including the Ar8035, Fastconnect 6900, and other models.

Can CVE-2024-21474 lead to system crashes?

Yes, CVE-2024-21474 may lead to system instability and crashes due to memory corruption issues.

Is there any workaround for CVE-2024-21474?

The best workaround for CVE-2024-21474 is to avoid using vulnerable firmware versions until a patch is applied.

Vulnerability/
CVE-2024-21474

high

8.4

CWE

121 787

6/5/2024

15/1/2025

CVE-2024-21474: Stack-based Buffer Overflow in PMIC

First published: Mon May 06 2024(Updated: )

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
Qualcomm AR8035 Firmware
Qualcomm AR8035 Firmware
All of
Qualcomm FastConnect 6900 Firmware
Qualcomm Fastconnect 6900 Firmware
All of
Qualcomm Fastconnect 7800 Firmware
Qualcomm Fastconnect 7800 Firmware
All of
Qualcomm QAM8295P
Qualcomm QAM8295P
All of
Qualcomm QCA6574 Firmware
Qualcomm QCA6574AU
All of
Qualcomm QCA6595AU Firmware
Qualcomm QCA6595AU Firmware
All of
Qualcomm QCA6696 Firmware
Qualcomm QCA6696 Firmware
All of
Qualcomm QCA6698AQ
Qualcomm QCA6698AQ Firmware
All of
Qualcomm QCA8081 firmware
Qualcomm QCA8081 firmware
All of
Qualcomm QCA8337 Firmware
Qualcomm QCA8337 Firmware
All of
Qualcomm SA8295P Firmware
Qualcomm SA8295P Firmware
All of
qualcomm sa8530p
qualcomm sa8530p firmware
All of
Qualcomm SA8540P
Qualcomm SA8540P Firmware
All of
qualcomm sa9000p firmware
Qualcomm SA9000P
All of
Qualcomm SC8380XP
qualcomm sc8380xp firmware
All of
qualcomm sc8280xp-abbb
qualcomm sc8280xp-abbb firmware
All of
Qualcomm Snapdragon X65 5G Modem-RF Firmware
Qualcomm Snapdragon X65 5G Modem-RF System
All of
Qualcomm WCD9380
Qualcomm WCD9380 Firmware
All of
Qualcomm WCD9385
Qualcomm WCD9385 Firmware
All of
Qualcomm WSA8830
Qualcomm WSA8830
All of
Qualcomm WSA8835
Qualcomm WSA8835 Firmware
All of
Qualcomm WSA8840 Firmware
Qualcomm WSA8840 Firmware
All of
Qualcomm WSA8845H
Qualcomm WSA8845 Firmware
All of
Qualcomm WSA8845H
Qualcomm WSA8845H Firmware

Never miss a vulnerability like this again

Reference Links

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

Frequently Asked Questions

What is the severity of CVE-2024-21474?
CVE-2024-21474 has a critical severity due to its potential to cause memory corruption.
How do I fix CVE-2024-21474?
To fix CVE-2024-21474, ensure proper validation and re-initialization of buffers before use.
What software is affected by CVE-2024-21474?
CVE-2024-21474 affects various Qualcomm firmware including the Ar8035, Fastconnect 6900, and other models.
Can CVE-2024-21474 lead to system crashes?
Yes, CVE-2024-21474 may lead to system instability and crashes due to memory corruption issues.
Is there any workaround for CVE-2024-21474?
The best workaround for CVE-2024-21474 is to avoid using vulnerable firmware versions until a patch is applied.

agent/title
agent/references
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/qualcomm
canonical/qualcomm ar8035 firmware
canonical/qualcomm fastconnect 6900 firmware
canonical/qualcomm fastconnect 7800 firmware
canonical/qualcomm qam8295p
canonical/qualcomm qca6574 firmware
canonical/qualcomm qca6574au
canonical/qualcomm qca6595au firmware
canonical/qualcomm qca6696 firmware
canonical/qualcomm qca6698aq
canonical/qualcomm qca6698aq firmware
canonical/qualcomm qca8081 firmware
canonical/qualcomm qca8337 firmware
canonical/qualcomm sa8295p firmware
canonical/qualcomm sa8530p
canonical/qualcomm sa8530p firmware
canonical/qualcomm sa8540p
canonical/qualcomm sa8540p firmware
canonical/qualcomm sa9000p firmware
canonical/qualcomm sa9000p
canonical/qualcomm sc8380xp
canonical/qualcomm sc8380xp firmware
canonical/qualcomm sc8280xp-abbb
canonical/qualcomm sc8280xp-abbb firmware
canonical/qualcomm snapdragon x65 5g modem-rf firmware
canonical/qualcomm snapdragon x65 5g modem-rf system
canonical/qualcomm wcd9380
canonical/qualcomm wcd9380 firmware
canonical/qualcomm wcd9385
canonical/qualcomm wcd9385 firmware
canonical/qualcomm wsa8830
canonical/qualcomm wsa8835
canonical/qualcomm wsa8835 firmware
canonical/qualcomm wsa8840 firmware
canonical/qualcomm wsa8845h
canonical/qualcomm wsa8845 firmware
canonical/qualcomm wsa8845h firmware