First published: Mon Oct 07 2024(Updated: )
Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Qualcomm WSA8835 | ||
Qualcomm WSA8835 Firmware | ||
All of | ||
Qualcomm WSA8830 | ||
Qualcomm WSA8830 | ||
All of | ||
Qualcomm WCN3988 Firmware | ||
Qualcomm WCN3988 Firmware | ||
All of | ||
Qualcomm Wcn3980 | ||
Qualcomm WCN3980 | ||
All of | ||
Qualcomm SW5100 Firmware | ||
Qualcomm SW5100 Firmware | ||
All of | ||
Qualcomm SW5100P | ||
Qualcomm SW5100P | ||
All of | ||
Qualcomm Snapdragon Auto 5G-RF Gen 2 Firmware | ||
Qualcomm Snapdragon Auto 5G Modem-RF | ||
All of | ||
Qualcomm QCA9377 Firmware | ||
Qualcomm QCA9377 Firmware | ||
All of | ||
Qualcomm QCA9367 Firmware | ||
Qualcomm QCA9367 Firmware | ||
All of | ||
Qualcomm QCA6698AQ | ||
Qualcomm QCA6698AQ Firmware | ||
All of | ||
Qualcomm QCA6584AU Firmware | ||
Qualcomm QCA6584AU firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2024-23370 is currently classified as high due to the potential for memory corruption.
To address CVE-2024-23370, it is recommended to apply the latest firmware updates provided by Qualcomm for affected devices.
CVE-2024-23370 affects multiple Qualcomm firmware versions across various products, including WSA8835, WSA8830, and WCN3988.
CVE-2024-23370 enables potential attackers to execute arbitrary code due to memory corruption vulnerabilities when handling IOCTL calls.
As of the latest information, there is no confirmed evidence that CVE-2024-23370 is being actively exploited in the wild.