First published: Mon Nov 04 2024(Updated: )
Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Qualcomm WSA8845 Firmware | ||
Qualcomm WSA8845H Firmware | ||
All of | ||
Qualcomm WSA8845H | ||
Qualcomm WSA8845 Firmware | ||
All of | ||
Qualcomm WSA8840 Firmware | ||
Qualcomm WSA8840 Firmware | ||
All of | ||
Qualcomm WSA8835 | ||
Qualcomm WSA8835 Firmware | ||
All of | ||
Qualcomm WSA8830 | ||
Qualcomm WSA8830 | ||
All of | ||
Qualcomm WCN3660B | ||
Qualcomm WCN3660B Firmware | ||
All of | ||
Qualcomm WCN3620 Firmware | ||
Qualcomm WCN3620 Firmware | ||
All of | ||
Qualcomm WCD9385 | ||
Qualcomm WCD9385 Firmware | ||
All of | ||
Qualcomm WCD9380 | ||
Qualcomm WCD9380 Firmware | ||
All of | ||
Qualcomm WCD9375 | ||
Qualcomm WCD9375 Firmware | ||
All of | ||
Qualcomm WCD9370 Firmware | ||
Qualcomm WCD9370 Firmware | ||
All of | ||
Qualcomm Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB) Firmware | ||
Qualcomm Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Firmware | ||
All of | ||
Qualcomm Snapdragon 429 Mobile Platform | ||
Qualcomm Snapdragon 429 Mobile Platform | ||
All of | ||
Qualcomm SDM429W | ||
qualcomm SDM429W firmware | ||
All of | ||
Qualcomm SC8380XP Firmware | ||
Qualcomm SC8380XP Firmware | ||
All of | ||
Qualcomm Video Collaboration VC3 Firmware | ||
Qualcomm Video Collaboration VC3 Platform Firmware | ||
All of | ||
Qualcomm QCS6490 Firmware | ||
Qualcomm QCS6490 Firmware | ||
All of | ||
Qualcomm QCS5430 Firmware | ||
Qualcomm QCS5430 Firmware | ||
All of | ||
Qualcomm QCM6490 | ||
Qualcomm QCM6490 Firmware | ||
All of | ||
Qualcomm QCM5430 | ||
Qualcomm QCM5430 Firmware | ||
All of | ||
Qualcomm Qcc2076 Firmware | ||
Qualcomm Qcc2076 Firmware | ||
All of | ||
Qualcomm QCC2073 Firmware | ||
Qualcomm QCC2073 Firmware | ||
All of | ||
Qualcomm FastConnect 7800 Firmware | ||
Qualcomm Fastconnect 7800 Firmware | ||
All of | ||
Qualcomm FastConnect 6900 Firmware | ||
Qualcomm Fastconnect 6900 Firmware | ||
All of | ||
Qualcomm FastConnect 6700 Firmware | ||
Qualcomm Fastconnect 6700 |
https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2024-38410 is determined to be high due to the potential for memory corruption.
To fix CVE-2024-38410, apply the latest firmware updates provided by Qualcomm for the affected devices.
CVE-2024-38410 affects multiple Qualcomm firmware versions, including WSA8845 and variants of the WCD and Fastconnect series.
CVE-2024-38410 is classified as a memory corruption vulnerability.
The impact of CVE-2024-38410 can lead to system instability or crashes when the device is in an invalid state.