We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-33037

Buffer Over-read in Neural Processing Unit



Description

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

Reserved 2024-04-23 | Published 2024-12-02 | Updated 2024-12-02 | Assigner qualcomm


MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Problem types

CWE-126 Buffer Over-read

Product status

Default status
unaffected

C-V2X 9150
affected

FastConnect 6800
affected

FastConnect 6900
affected

QAM8295P
affected

QCA6174A
affected

QCA6391
affected

QCA6426
affected

QCA6436
affected

QCA6574AU
affected

QCA6696
affected

QCA8337
affected

QCN9074
affected

QCS410
affected

QCS610
affected

QSM8250
affected

Qualcomm Video Collaboration VC1 Platform
affected

Qualcomm Video Collaboration VC3 Platform
affected

SA6145P
affected

SA6150P
affected

SA6155P
affected

SA8145P
affected

SA8150P
affected

SA8155P
affected

SA8195P
affected

SA8295P
affected

SA8530P
affected

SA8540P
affected

SA9000P
affected

SD865 5G
affected

SDX55
affected

Snapdragon 865 5G Mobile Platform
affected

Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
affected

Snapdragon 870 5G Mobile Platform (SM8250-AC)
affected

Snapdragon W5+ Gen 1 Wearable Platform
affected

Snapdragon X55 5G Modem-RF System
affected

Snapdragon XR2 5G Platform
affected

SW5100
affected

SW5100P
affected

SXR2130
affected

WCD9341
affected

WCD9370
affected

WCD9380
affected

WCN3660B
affected

WCN3680B
affected

WCN3950
affected

WCN3980
affected

WCN3988
affected

WSA8810
affected

WSA8815
affected

WSA8830
affected

WSA8835
affected

References

docs.qualcomm.com/...itybulletin/december-2024-bulletin.html

cve.org (CVE-2024-33037)

nvd.nist.gov (CVE-2024-33037)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-33037

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.