CVE-2024-38399: Use After Free in Graphics
First published: Mon Oct 07 2024(Updated: )
Memory corruption while processing user packets to generate page faults.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| All of | ||
| Qualcomm WSA8835 | ||
| Qualcomm WSA8835 Firmware | ||
| All of | ||
| Qualcomm WSA8830 | ||
| Qualcomm WSA8830 | ||
| All of | ||
| Qualcomm WSA8810 | ||
| Qualcomm WSA8810 Firmware | ||
| All of | ||
| Qualcomm WCN3950 Firmware | ||
| Qualcomm WCN3950 Firmware | ||
| All of | ||
| Qualcomm WCD9380 | ||
| Qualcomm WCD9380 Firmware | ||
| All of | ||
| Qualcomm WCD9375 | ||
| Qualcomm WCD9375 Firmware | ||
| All of | ||
| Qualcomm WCD9370 Firmware | ||
| Qualcomm WCD9370 Firmware | ||
| All of | ||
| Qualcomm SRV1M | ||
| Qualcomm SRV1M Firmware | ||
| All of | ||
| Qualcomm SRV1H | ||
| Qualcomm SRV1H Firmware | ||
| All of | ||
| Qualcomm Snapdragon 8 Gen 1 Mobile Platform | ||
| Qualcomm Snapdragon 8 Gen 1 Mobile Firmware | ||
| All of | ||
| Qualcomm Snapdragon 685 4G Mobile Platform (SM6225-AD) Firmware | ||
| Qualcomm Snapdragon 685 4G Mobile Platform (SM6225-AD) | ||
| All of | ||
| Qualcomm Snapdragon 680 4G Mobile Firmware | ||
| Qualcomm Snapdragon 680 4G Mobile Platform Firmware | ||
| All of | ||
| Qualcomm SG4150P | ||
| Qualcomm SG4150P Firmware | ||
| All of | ||
| Qualcomm SA9000P Firmware | ||
| Qualcomm SA9000P Firmware | ||
| All of | ||
| Qualcomm SA8775P | ||
| Qualcomm SA8775P | ||
| All of | ||
| Qualcomm SA8770P Firmware | ||
| qualcomm sa8770p firmware | ||
| All of | ||
| Qualcomm SA8650P | ||
| Qualcomm SA8650P | ||
| All of | ||
| Qualcomm SA8620P | ||
| Qualcomm SA8620P | ||
| All of | ||
| Qualcomm SA8295P Firmware | ||
| Qualcomm SA8295P Firmware | ||
| All of | ||
| Qualcomm SA8255P Firmware | ||
| Qualcomm SA8255P Firmware | ||
| All of | ||
| Qualcomm SA8195P | ||
| Qualcomm SA8195P Firmware | ||
| All of | ||
| Qualcomm SA8155 | ||
| Qualcomm SA8155P Firmware | ||
| All of | ||
| Qualcomm SA7775P Firmware | ||
| Qualcomm SA7775P Firmware | ||
| All of | ||
| Qualcomm SA7255P | ||
| qualcomm sa7255p firmware | ||
| All of | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155P | ||
| All of | ||
| Qualcomm QCA6797AQ Firmware | ||
| Qualcomm QCA6797AQ Firmware | ||
| All of | ||
| Qualcomm QCA6698AQ | ||
| Qualcomm QCA6698AQ Firmware | ||
| All of | ||
| Qualcomm QCA6696 Firmware | ||
| Qualcomm QCA6696 Firmware | ||
| All of | ||
| qualcomm qca6688aq firmware | ||
| Qualcomm QCA6688AQ | ||
| All of | ||
| Qualcomm QCA6595AU Firmware | ||
| Qualcomm QCA6595AU Firmware | ||
| All of | ||
| Qualcomm QCA6595AU Firmware | ||
| Qualcomm QCA6595AU Firmware | ||
| All of | ||
| Qualcomm QCA6574 Firmware | ||
| Qualcomm QCA6574AU | ||
| All of | ||
| Qualcomm QAMSRV1M Firmware | ||
| Qualcomm QAMSRV1M Firmware | ||
| All of | ||
| Qualcomm SRV1H Firmware | ||
| Qualcomm QAMSRV1H Firmware | ||
| All of | ||
| Qualcomm QAM8775P | ||
| Qualcomm QAM8775P Firmware | ||
| All of | ||
| Qualcomm QAM8650P Firmware | ||
| Qualcomm QAM8650P Firmware | ||
| All of | ||
| Qualcomm QAM8295P | ||
| Qualcomm QAM8295P | ||
| All of | ||
| Qualcomm QAM8255P | ||
| Qualcomm QAM8255P Firmware | ||
| All of | ||
| Qualcomm FastConnect 7800 Firmware | ||
| Qualcomm Fastconnect 7800 Firmware | ||
| All of | ||
| Qualcomm FastConnect 6900 Firmware | ||
| Qualcomm Fastconnect 6900 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html
- https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/graphics-kernel/-/commit/467ba29f0c8f6e6c17971795ebdce90a1d5d6fc6
- https://git.codelinaro.org/clo/la/kernel/msm-5.10/-/commit/8954d806a5c57b8bdb3fe7cd32147fc1f7d5974e
- https://source.android.com/docs/security/bulletin/2024-10-01 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2024-38399?
CVE-2024-38399 is rated as a critical severity vulnerability due to potential memory corruption issues.
How do I fix CVE-2024-38399?
To remediate CVE-2024-38399, update the affected Qualcomm firmware and Android versions to the latest patches provided by the vendor.
What products are affected by CVE-2024-38399?
CVE-2024-38399 affects various Qualcomm firmware including WSA8835, WSA8830, and multiple Snapdragon platforms.
What are the potential impacts of CVE-2024-38399?
The potential impacts of CVE-2024-38399 include system crashes and exploitation of memory corruption vulnerabilities.
Is there a workaround for CVE-2024-38399?
As of now, the recommended solution for CVE-2024-38399 is to apply the available updates rather than relying on any workarounds.
- agent/weakness
- agent/title
- agent/description
- agent/type
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/source
- agent/first-publish-date
- agent/event
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- collector/nvd-api
- source/NVD
- agent/softwarecombine
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm wsa8835
- canonical/qualcomm wsa8835 firmware
- canonical/qualcomm wsa8830
- canonical/qualcomm wsa8810
- canonical/qualcomm wsa8810 firmware
- canonical/qualcomm wcn3950 firmware
- canonical/qualcomm wcd9380
- canonical/qualcomm wcd9380 firmware
- canonical/qualcomm wcd9375
- canonical/qualcomm wcd9375 firmware
- canonical/qualcomm wcd9370 firmware
- canonical/qualcomm srv1m
- canonical/qualcomm srv1m firmware
- canonical/qualcomm srv1h
- canonical/qualcomm srv1h firmware
- canonical/qualcomm snapdragon 8 gen 1 mobile platform
- canonical/qualcomm snapdragon 8 gen 1 mobile firmware
- canonical/qualcomm snapdragon 685 4g mobile platform (sm6225-ad) firmware
- canonical/qualcomm snapdragon 685 4g mobile platform (sm6225-ad)
- canonical/qualcomm snapdragon 680 4g mobile firmware
- canonical/qualcomm snapdragon 680 4g mobile platform firmware
- canonical/qualcomm sg4150p
- canonical/qualcomm sg4150p firmware
- canonical/qualcomm sa9000p firmware
- canonical/qualcomm sa8775p
- canonical/qualcomm sa8770p firmware
- canonical/qualcomm sa8650p
- canonical/qualcomm sa8620p
- canonical/qualcomm sa8295p firmware
- canonical/qualcomm sa8255p firmware
- canonical/qualcomm sa8195p
- canonical/qualcomm sa8195p firmware
- canonical/qualcomm sa8155
- canonical/qualcomm sa8155p firmware
- canonical/qualcomm sa7775p firmware
- canonical/qualcomm sa7255p
- canonical/qualcomm sa7255p firmware
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155p
- canonical/qualcomm qca6797aq firmware
- canonical/qualcomm qca6698aq
- canonical/qualcomm qca6698aq firmware
- canonical/qualcomm qca6696 firmware
- canonical/qualcomm qca6688aq firmware
- canonical/qualcomm qca6688aq
- canonical/qualcomm qca6595au firmware
- canonical/qualcomm qca6574 firmware
- canonical/qualcomm qca6574au
- canonical/qualcomm qamsrv1m firmware
- canonical/qualcomm qamsrv1h firmware
- canonical/qualcomm qam8775p
- canonical/qualcomm qam8775p firmware
- canonical/qualcomm qam8650p firmware
- canonical/qualcomm qam8295p
- canonical/qualcomm qam8255p
- canonical/qualcomm qam8255p firmware
- canonical/qualcomm fastconnect 7800 firmware
- canonical/qualcomm fastconnect 6900 firmware