fkie_cve-2024-21455
Vulnerability from fkie_nvd
Published
2024-10-07 13:15
Modified
2024-10-16 20:30
Severity ?
Summary
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5AEA324C-69CE-4AAC-91D6-6FAAE1B3FA77", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc1_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "A7B5F5CD-CE26-4C93-9FED-F783947DBDA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", matchCriteriaId: "7E870D82-DE3B-4199-A730-C8FB545BAA98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "15307882-7039-43E9-9BA3-035045988B99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", matchCriteriaId: "AA85B322-E593-4499-829A-CC6D70BAE884", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C6E9038-9B18-4958-BE1E-215901C9B4B2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", matchCriteriaId: "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3FEF2DB6-00F5-4B07-953B-EF58B31267F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", matchCriteriaId: "120E8F0F-EBEB-4565-9927-2D473F783EF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "34143ABA-7D09-429F-A65C-3A33438BF62C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", matchCriteriaId: "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1295D869-F4DD-4766-B4AA-3513752F43B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", matchCriteriaId: "B98784DC-3143-4D38-AD28-DBBDCCAB4272", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EE5FCA7F-1FBE-42AA-B4E6-09CEA02A33EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*", matchCriteriaId: "E2D789BC-43F5-40FB-A191-163C01BA5FBE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_\\(sm6225-ad\\)_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C43376-1ACC-42FF-873F-3B0372EE71A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform_\\(sm6225-ad\\):-:*:*:*:*:*:*:*", matchCriteriaId: "58BC09AF-6057-45A1-BEB8-AF9F4CBF3F5E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8D0ED00F-1345-43AD-83C6-E979890B84AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "92C28019-B57D-4487-B551-F7B53395C6E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9279F02F-6C30-4891-8941-97003DE9C8C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*", matchCriteriaId: "FFA7BB42-305C-451F-92D8-0718DF68A012", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2A19659B-A0C3-44B7-8D54-BA21729873A4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*", matchCriteriaId: "F978041A-CE28-4BDF-A7DB-F0360F1A5F14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4468EA5D-87B0-4FEC-A3DB-617651B0D169", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*", matchCriteriaId: "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AB226552-52D9-44F5-A170-35C44761A72B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*", matchCriteriaId: "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*", matchCriteriaId: "B3F7853D-09EE-476F-B48D-BB30AEB4A67D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0AE207DB-9770-40ED-961D-FDA75965826F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*", matchCriteriaId: "0E23922D-C37F-476F-A623-4C1458A9156F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "AFBD264F-F24A-4CDD-B316-9514A61B91E7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6688aq:-:*:*:*:*:*:*:*", matchCriteriaId: "94CC5BC4-011D-4D2B-8891-97FBF61FD783", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "643EC76D-2836-48E6-81DA-78C4883C33CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*", matchCriteriaId: "477F6529-4CE1-44FC-B6EE-D24D44C71AE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C3DDA896-576C-44B8-85B6-F71F473F776B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*", matchCriteriaId: "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C2D9E281-B382-41AC-84CB-5B1063E5AC51", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*", matchCriteriaId: "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.", }, { lang: "es", value: "Corrupción de memoria cuando una llamada IOCTL de compatibilidad es seguida por otra llamada IOCTL desde el espacio de usuario a un controlador.", }, ], id: "CVE-2024-21455", lastModified: "2024-10-16T20:30:53.093", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "product-security@qualcomm.com", type: "Primary", }, ], }, published: "2024-10-07T13:15:10.360", references: [ { source: "product-security@qualcomm.com", tags: [ "Vendor Advisory", ], url: "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html", }, ], sourceIdentifier: "product-security@qualcomm.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-822", }, ], source: "product-security@qualcomm.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.