CVE-2024-33030: Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Performance

First published: Mon Nov 04 2024(Updated: )

Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
Qualcomm Wsa8835 Firmware
Qualcomm Wsa8835
All of
Qualcomm Wsa8830 Firmware
Qualcomm Wsa8830
All of
Qualcomm Wcd9380 Firmware
Qualcomm Wcd9380
All of
Qualcomm Wcd9340 Firmware
Qualcomm Wcd9340
All of
Qualcomm Snapdragon X75 5g Modem-rf System Firmware
Qualcomm Snapdragon X75 5g Modem-rf System
All of
Qualcomm Snapdragon X72 5g Modem-rf System Firmware
Qualcomm Snapdragon X72 5g Modem-rf System
All of
Qualcomm Snapdragon Auto 5g Modem-rf Gen 2 Firmware
Qualcomm Snapdragon Auto 5g Modem-rf Gen 2
All of
Qualcomm Snapdragon 8 Gen 1 Mobile Platform Firmware
Qualcomm Snapdragon 8 Gen 1 Mobile Platform
All of
Qualcomm Qfw7124 Firmware
Qualcomm Qfw7124
All of
Qualcomm Qfw7114 Firmware
Qualcomm Qfw7114
All of
Qualcomm Qcn6274 Firmware
Qualcomm Qcn6274
All of
Qualcomm Qcn6224 Firmware
Qualcomm Qcn6224
All of
Qualcomm Qcc710 Firmware
Qualcomm Qcc710
All of
Qualcomm Qca9377 Firmware
Qualcomm Qca9377
All of
Qualcomm Qca9367 Firmware
Qualcomm Qca9367
All of
Qualcomm Qca8337 Firmware
Qualcomm Qca8337
All of
Qualcomm Qca8081 Firmware
Qualcomm Qca8081
All of
Qualcomm Qca6698aq Firmware
Qualcomm Qca6698aq
All of
Qualcomm Qca6584au Firmware
Qualcomm Qca6584au
All of
Qualcomm Fastconnect 7800 Firmware
Qualcomm Fastconnect 7800
All of
Qualcomm Fastconnect 6900 Firmware
Qualcomm Fastconnect 6900
All of
Qualcomm Ar8035 Firmware
Qualcomm Ar8035

Remedy

https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html

Never miss a vulnerability like this again

Reference Links

https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html

collector/mitre-cve
source/MITRE
agent/references
agent/weakness
agent/title
agent/description
agent/type
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/remedy
agent/last-modified-date
agent/tags
agent/softwarecombine
vendor/qualcomm
canonical/qualcomm wsa8835 firmware
canonical/qualcomm wsa8835
canonical/qualcomm wsa8830 firmware
canonical/qualcomm wsa8830
canonical/qualcomm wcd9380 firmware
canonical/qualcomm wcd9380
canonical/qualcomm wcd9340 firmware
canonical/qualcomm wcd9340
canonical/qualcomm snapdragon x75 5g modem-rf system firmware
canonical/qualcomm snapdragon x75 5g modem-rf system
canonical/qualcomm snapdragon x72 5g modem-rf system firmware
canonical/qualcomm snapdragon x72 5g modem-rf system
canonical/qualcomm snapdragon auto 5g modem-rf gen 2 firmware
canonical/qualcomm snapdragon auto 5g modem-rf gen 2
canonical/qualcomm snapdragon 8 gen 1 mobile platform firmware
canonical/qualcomm snapdragon 8 gen 1 mobile platform
canonical/qualcomm qfw7124 firmware
canonical/qualcomm qfw7124
canonical/qualcomm qfw7114 firmware
canonical/qualcomm qfw7114
canonical/qualcomm qcn6274 firmware
canonical/qualcomm qcn6274
canonical/qualcomm qcn6224 firmware
canonical/qualcomm qcn6224
canonical/qualcomm qcc710 firmware
canonical/qualcomm qcc710
canonical/qualcomm qca9377 firmware
canonical/qualcomm qca9377
canonical/qualcomm qca9367 firmware
canonical/qualcomm qca9367
canonical/qualcomm qca8337 firmware
canonical/qualcomm qca8337
canonical/qualcomm qca8081 firmware
canonical/qualcomm qca8081
canonical/qualcomm qca6698aq firmware
canonical/qualcomm qca6698aq
canonical/qualcomm qca6584au firmware
canonical/qualcomm qca6584au
canonical/qualcomm fastconnect 7800 firmware
canonical/qualcomm fastconnect 7800
canonical/qualcomm fastconnect 6900 firmware
canonical/qualcomm fastconnect 6900
canonical/qualcomm ar8035 firmware
canonical/qualcomm ar8035

CVE-2024-33030: Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Performance

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact