What is the severity of CVE-2024-33054?

CVE-2024-33054 has been assigned a severity level that indicates potential exploitation could lead to significant system disruption.

How do I fix CVE-2024-33054?

To fix CVE-2024-33054, users should apply the latest security updates from Qualcomm and Google.

What software versions are affected by CVE-2024-33054?

CVE-2024-33054 affects multiple Qualcomm fastconnect firmware versions and Google Android software running on affected devices.

Are there any workarounds for CVE-2024-33054?

Currently, there are no known workarounds for CVE-2024-33054 other than applying the provided security updates.

Vulnerability/
CVE-2024-33054

high

7.8

CWE

120 787

2/9/2024

25/3/2025

CVE-2024-33054: Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision

First published: Mon Sep 02 2024(Updated: )

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Android
All of
Qualcomm FastConnect 6700 Firmware
Qualcomm Fastconnect 6700
All of
Qualcomm FastConnect 6900 Firmware
Qualcomm Fastconnect 6900 Firmware
All of
Qualcomm FastConnect 7800 Firmware
Qualcomm Fastconnect 7800 Firmware
All of
Qualcomm QCM5430
Qualcomm QCM5430 Firmware
All of
Qualcomm QCM6490
Qualcomm QCM6490 Firmware
All of
Qualcomm QCM8550 Firmware
Qualcomm QCM8550 Firmware
All of
Qualcomm QCS5430 Firmware
Qualcomm QCS5430 Firmware
All of
Qualcomm QCS6490 Firmware
Qualcomm QCS6490 Firmware
All of
Qualcomm QCS8550 Firmware
Qualcomm QCS8550 Firmware
All of
Qualcomm Video Collaboration VC3 Platform Firmware
Qualcomm Video Collaboration VC3 Platform
All of
Qualcomm SDM429W
qualcomm SDM429W firmware
All of
Qualcomm SG8275 Firmware
Qualcomm SG8275 Firmware
All of
Qualcomm SM8550P Firmware
Qualcomm SM8550P Firmware
All of
Qualcomm SM8635 Firmware
Qualcomm SM8635 Firmware
All of
Qualcomm Snapdragon 429 Mobile Firmware
Qualcomm Snapdragon 429 Mobile
All of
Qualcomm Snapdragon 8 Gen 2 Firmware
Qualcomm Snapdragon 8 Gen 2
All of
Qualcomm Snapdragon 8 Gen 3 Firmware
Qualcomm Snapdragon 8 Gen 3 Mobile Platform
All of
Qualcomm Snapdragon 8+ Gen 2 Mobile Firmware
Qualcomm Snapdragon 8+ Gen 2 Mobile
All of
Qualcomm WCD9370 Firmware
Qualcomm WCD9370 Firmware
All of
Qualcomm WCD9375
Qualcomm WCD9375 Firmware
All of
Qualcomm WCD9380
Qualcomm WCD9380 Firmware
All of
Qualcomm WCD9385
Qualcomm WCD9385 Firmware
All of
Qualcomm WCD9390 Firmware
Qualcomm WCD9390 Firmware
All of
Qualcomm WCD9395 Firmware
Qualcomm WCD9395 Firmware
All of
Qualcomm WCN3620 Firmware
Qualcomm WCN3620 Firmware
All of
Qualcomm WCN3660B
Qualcomm WCN3660B Firmware
All of
Qualcomm WCN6755 Firmware
Qualcomm WCN6755 Firmware
All of
Qualcomm WSA8830
Qualcomm WSA8830
All of
Qualcomm WSA8832 Firmware
Qualcomm WSA8832 Firmware
All of
Qualcomm WSA8835
Qualcomm WSA8835 Firmware
All of
Qualcomm WSA8840 Firmware
Qualcomm WSA8840 Firmware
All of
Qualcomm WSA8845H
Qualcomm WSA8845 Firmware
All of
Qualcomm WSA8845 Firmware
Qualcomm WSA8845H Firmware

Remedy

https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-33054?
CVE-2024-33054 has been assigned a severity level that indicates potential exploitation could lead to significant system disruption.
What is the impact of CVE-2024-33054?
The impact of CVE-2024-33054 is related to memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.
How do I fix CVE-2024-33054?
To fix CVE-2024-33054, users should apply the latest security updates from Qualcomm and Google.
What software versions are affected by CVE-2024-33054?
CVE-2024-33054 affects multiple Qualcomm fastconnect firmware versions and Google Android software running on affected devices.
Are there any workarounds for CVE-2024-33054?
Currently, there are no known workarounds for CVE-2024-33054 other than applying the provided security updates.

agent/title
agent/type
agent/description
agent/first-publish-date
agent/author
agent/weakness
agent/remedy
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/source
agent/last-modified-date
agent/event
collector/android-source
source/Android
agent/software-canonical-lookup
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup-request
vendor/google
canonical/android
vendor/qualcomm
canonical/qualcomm fastconnect 6700 firmware
canonical/qualcomm fastconnect 6700
canonical/qualcomm fastconnect 6900 firmware
canonical/qualcomm fastconnect 7800 firmware
canonical/qualcomm qcm5430
canonical/qualcomm qcm5430 firmware
canonical/qualcomm qcm6490
canonical/qualcomm qcm6490 firmware
canonical/qualcomm qcm8550 firmware
canonical/qualcomm qcs5430 firmware
canonical/qualcomm qcs6490 firmware
canonical/qualcomm qcs8550 firmware
canonical/qualcomm video collaboration vc3 platform firmware
canonical/qualcomm video collaboration vc3 platform
canonical/qualcomm sdm429w
canonical/qualcomm sdm429w firmware
canonical/qualcomm sg8275 firmware
canonical/qualcomm sm8550p firmware
canonical/qualcomm sm8635 firmware
canonical/qualcomm snapdragon 429 mobile firmware
canonical/qualcomm snapdragon 429 mobile
canonical/qualcomm snapdragon 8 gen 2 firmware
canonical/qualcomm snapdragon 8 gen 2
canonical/qualcomm snapdragon 8 gen 3 firmware
canonical/qualcomm snapdragon 8 gen 3 mobile platform
canonical/qualcomm snapdragon 8+ gen 2 mobile firmware
canonical/qualcomm snapdragon 8+ gen 2 mobile
canonical/qualcomm wcd9370 firmware
canonical/qualcomm wcd9375
canonical/qualcomm wcd9375 firmware
canonical/qualcomm wcd9380
canonical/qualcomm wcd9380 firmware
canonical/qualcomm wcd9385
canonical/qualcomm wcd9385 firmware
canonical/qualcomm wcd9390 firmware
canonical/qualcomm wcd9395 firmware
canonical/qualcomm wcn3620 firmware
canonical/qualcomm wcn3660b
canonical/qualcomm wcn3660b firmware
canonical/qualcomm wcn6755 firmware
canonical/qualcomm wsa8830
canonical/qualcomm wsa8832 firmware
canonical/qualcomm wsa8835
canonical/qualcomm wsa8835 firmware
canonical/qualcomm wsa8840 firmware
canonical/qualcomm wsa8845h
canonical/qualcomm wsa8845 firmware
canonical/qualcomm wsa8845h firmware

CVE-2024-33054: Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-33054?

What is the impact of CVE-2024-33054?

How do I fix CVE-2024-33054?

What software versions are affected by CVE-2024-33054?

Are there any workarounds for CVE-2024-33054?

Company

Resources

Contact