medium
6.7
CWE
416
Advisory Published
Updated

CVE-2024-23376: Use After Free in ComputerVision

First published: Mon Oct 07 2024(Updated: )

Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.

Credit: product-security@qualcomm.com

Affected SoftwareAffected VersionHow to fix
All of
Qualcomm WSA8835
Qualcomm WSA8835 Firmware
All of
Qualcomm WSA8830
Qualcomm WSA8830
All of
Qualcomm WCN3988 Firmware
Qualcomm WCN3988 Firmware
All of
Qualcomm Wcn3980
Qualcomm WCN3980
All of
Qualcomm WCD9380
Qualcomm WCD9380 Firmware
All of
Qualcomm SW5100 Firmware
Qualcomm SW5100 Firmware
All of
Qualcomm SW5100P
Qualcomm SW5100P
All of
Qualcomm Snapdragon W5+ Gen 1 Wearable Platform Firmware
Qualcomm Snapdragon W5+ Gen 1 Wearable Platform
All of
Qualcomm Snapdragon 8 Gen 1 Mobile Platform
Qualcomm Snapdragon 8 Gen 1 Mobile Firmware
All of
Qualcomm SA8195P
Qualcomm SA8195P Firmware
All of
Qualcomm SA8155
Qualcomm SA8155P Firmware
All of
Qualcomm SA8150P Firmware
Qualcomm SA8150P Firmware
All of
Qualcomm SA8145P
Qualcomm SA8145P Firmware
All of
Qualcomm SA6155
Qualcomm SA6155P
All of
Qualcomm SA6150P Firmware
Qualcomm SA6150P Firmware
All of
Qualcomm SA6145P Firmware
Qualcomm SA6145P Firmware
All of
Qualcomm QCA6696 Firmware
Qualcomm QCA6696 Firmware
All of
Qualcomm QCA6574 Firmware
Qualcomm QCA6574AU
All of
Qualcomm QCA6174A Firmware
Qualcomm QCA6174A Firmware
All of
Qualcomm FastConnect 7800 Firmware
Qualcomm Fastconnect 7800 Firmware
All of
Qualcomm FastConnect 6900 Firmware
Qualcomm Fastconnect 6900 Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-23376?

    CVE-2024-23376 has been identified as a memory corruption vulnerability which may lead to system instability or potential unauthorized access.

  • How do I fix CVE-2024-23376?

    To fix CVE-2024-23376, you should apply the latest firmware updates provided by Qualcomm for affected software components.

  • What software is affected by CVE-2024-23376?

    CVE-2024-23376 affects various Qualcomm firmware versions, including WSA8835, WSA8830, WCN3988, and others.

  • Can CVE-2024-23376 be exploited remotely?

    Yes, CVE-2024-23376 can potentially be exploited remotely through the user-space to kernel-space communication mechanism.

  • What are the consequences of exploiting CVE-2024-23376?

    Exploiting CVE-2024-23376 could lead to memory corruption, resulting in crashes or unauthorized access to sensitive information.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203