We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-23378

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio



Description

Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.

Reserved 2024-01-16 | Published 2024-10-07 | Updated 2024-10-07 | Assigner qualcomm


MEDIUM: 6.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

Product status

Default status
unaffected

QAM8255P
affected

QAM8650P
affected

QAM8775P
affected

QAMSRV1H
affected

QAMSRV1M
affected

QCA6584AU
affected

QCA6698AQ
affected

SA7255P
affected

SA7775P
affected

SA8255P
affected

SA8620P
affected

SA8650P
affected

SA8770P
affected

SA8775P
affected

SA9000P
affected

Snapdragon Auto 5G Modem-RF Gen 2
affected

SRV1H
affected

SRV1M
affected

References

docs.qualcomm.com/...ritybulletin/october-2024-bulletin.html

cve.org (CVE-2024-23378)

nvd.nist.gov (CVE-2024-23378)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-23378

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.