Description
Memory corruption while parsing the memory map info in IOCTL calls.
Reserved 2024-06-16 | Published 2025-02-03 | Updated 2025-02-03 | Assigner
qualcommHIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem types
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
Product status
Default status
unaffected
C-V2X 9150
affected
CSRB31024
affected
FastConnect 6800
affected
FastConnect 6900
affected
FastConnect 7800
affected
QAM8295P
affected
QCA6391
affected
QCA6426
affected
QCA6436
affected
QCA6564AU
affected
QCA6574AU
affected
QCA6595AU
affected
QCA6696
affected
QCN9074
affected
QCS410
affected
QCS610
affected
QSM8250
affected
Qualcomm Video Collaboration VC1 Platform
affected
Qualcomm Video Collaboration VC3 Platform
affected
SA6145P
affected
SA6150P
affected
SA6155P
affected
SA8145P
affected
SA8150P
affected
SA8155P
affected
SA8195P
affected
SA8295P
affected
SA8530P
affected
SA8540P
affected
SA9000P
affected
SD865 5G
affected
SDM429W
affected
SDX55
affected
Snapdragon 429 Mobile Platform
affected
Snapdragon 8 Gen 1 Mobile Platform
affected
Snapdragon 865 5G Mobile Platform
affected
Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
affected
Snapdragon 870 5G Mobile Platform (SM8250-AC)
affected
Snapdragon W5+ Gen 1 Wearable Platform
affected
Snapdragon X55 5G Modem-RF System
affected
Snapdragon XR2 5G Platform
affected
Snapdragon Auto 4G Modem
affected
SW5100
affected
SW5100P
affected
SXR2130
affected
SXR2230P
affected
SXR2250P
affected
WCD9341
affected
WCD9370
affected
WCD9380
affected
WCD9385
affected
WCN3620
affected
WCN3660B
affected
WCN3680B
affected
WCN3950
affected
WCN3980
affected
WCN3988
affected
WSA8810
affected
WSA8815
affected
WSA8830
affected
WSA8832
affected
WSA8835
affected
References
docs.qualcomm.com/...itybulletin/february-2025-bulletin.html
cve.org (CVE-2024-38418)
nvd.nist.gov (CVE-2024-38418)
Download JSON
Subscribe to our newsletter to learn more about our work.