Vulnerabilities > CVE-2024-38410 - Out-of-bounds Write vulnerability in Qualcomm products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
qualcomm
CWE-787

Summary

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.

Common Weakness Enumeration (CWE)