First published: Mon Oct 07 2024(Updated: )
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Qualcomm SRV1M | ||
Qualcomm SRV1M Firmware | ||
All of | ||
Qualcomm SRV1H | ||
Qualcomm SRV1H Firmware | ||
All of | ||
Qualcomm Snapdragon Auto 5G-RF Gen 2 Firmware | ||
Qualcomm Snapdragon Auto 5G Modem-RF | ||
All of | ||
Qualcomm SA9000P Firmware | ||
Qualcomm SA9000P Firmware | ||
All of | ||
Qualcomm SA8775P | ||
Qualcomm SA8775P | ||
All of | ||
Qualcomm SA8770P Firmware | ||
qualcomm sa8770p firmware | ||
All of | ||
Qualcomm SA8650P | ||
Qualcomm SA8650P | ||
All of | ||
Qualcomm SA8620P | ||
Qualcomm SA8620P | ||
All of | ||
Qualcomm SA8255P Firmware | ||
Qualcomm SA8255P Firmware | ||
All of | ||
Qualcomm SA7775P Firmware | ||
Qualcomm SA7775P Firmware | ||
All of | ||
Qualcomm SA7255P | ||
qualcomm sa7255p firmware | ||
All of | ||
Qualcomm QCA6698AQ | ||
Qualcomm QCA6698AQ Firmware | ||
All of | ||
Qualcomm QCA6584AU Firmware | ||
Qualcomm QCA6584AU firmware | ||
All of | ||
Qualcomm QAMSRV1M Firmware | ||
Qualcomm QAMSRV1M Firmware | ||
All of | ||
Qualcomm SRV1H Firmware | ||
Qualcomm QAMSRV1H Firmware | ||
All of | ||
Qualcomm QAM8775P | ||
Qualcomm QAM8775P Firmware | ||
All of | ||
Qualcomm QAM8650P Firmware | ||
Qualcomm QAM8650P Firmware | ||
All of | ||
Qualcomm QAM8255P | ||
Qualcomm QAM8255P Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-23378 is classified as a significant vulnerability due to potential memory corruption issues.
To fix CVE-2024-23378, ensure you update your Qualcomm firmware to the latest version recommended by Qualcomm.
CVE-2024-23378 affects various Qualcomm firmware versions, including those for Snapdragon and SA series products.
CVE-2024-23378 might lead to unstable audio playback or recording due to memory corruption during IOCTL calls.
CVE-2024-23378 is primarily a local vulnerability, focusing on user space manipulation during audio functions.