Vulnerabilities > CVE-2024-43050 - Out-of-bounds Write vulnerability in Qualcomm products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-787

NVD

Published: 2024-12-02

Updated: 2024-12-12

Summary

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Aqt1000 Firmware - Qualcomm Fastconnect 6200 Firmware - Qualcomm Fastconnect 6700 Firmware - Qualcomm Fastconnect 6800 Firmware - Qualcomm Fastconnect 6900 Firmware - Qualcomm Fastconnect 7800 Firmware - Qualcomm Qca1062 Firmware - Qualcomm Qca1064 Firmware - Qualcomm Qca2062 Firmware - Qualcomm Qca2064 Firmware - Qualcomm Qca2065 Firmware - Qualcomm Qca2066 Firmware - Qualcomm Qca6164 Firmware - Qualcomm Qca6174 Firmware - Qualcomm Qca6174A Firmware - Qualcomm Qca6391 Firmware - Qualcomm Qca6420 Firmware - Qualcomm Qca6430 Firmware - Qualcomm Qca6595Au Firmware - Qualcomm Qca9377 Firmware - Qualcomm Qcc2073 Firmware - Qualcomm Qcc2076 Firmware - Qualcomm Qcm5430 Firmware - Qualcomm Qcm6490 Firmware - Qualcomm Qcn7605 Firmware - Qualcomm Qcn7606 Firmware - Qualcomm Qcs5430 Firmware - Qualcomm Qcs6490 Firmware - Qualcomm Video Collaboration VC3 Platform Firmware - Qualcomm Sc8180X Firmware - Qualcomm Sdx55 Firmware - Qualcomm Sc8380Xp Firmware - Qualcomm Sdm429W Firmware - Qualcomm Snapdragon 429 Mobile Platform Firmware - Qualcomm Snapdragon 7C+ GEN 3 Compute Firmware - Qualcomm Snapdragon 8C Compute Platform Firmware - Qualcomm Snapdragon 8CX Compute Platform Firmware - Qualcomm Snapdragon 8CX GEN 2 5G Compute Platform Firmware - Qualcomm Snapdragon 8CX GEN 3 Compute Platform Firmware - Qualcomm Wcd9340 Firmware - Qualcomm Wcd9341 Firmware - Qualcomm Wcd9370 Firmware - Qualcomm Wcd9375 Firmware - Qualcomm Wcd9380 Firmware - Qualcomm Wcd9385 Firmware - Qualcomm Wcn3620 Firmware - Qualcomm Wcn3660B Firmware - Qualcomm Wsa8810 Firmware - Qualcomm Wsa8815 Firmware - Qualcomm Wsa8830 Firmware - Qualcomm Wsa8835 Firmware - Qualcomm Wsa8840 Firmware - Qualcomm Wsa8845 Firmware - Qualcomm Wsa8845H Firmware -	54
Hardware	Qualcomm Qualcomm Aqt1000 - Qualcomm Fastconnect 6200 - Qualcomm Fastconnect 6700 - Qualcomm Fastconnect 6800 - Qualcomm Fastconnect 6900 - Qualcomm Fastconnect 7800 - Qualcomm Qca1062 - Qualcomm Qca1064 - Qualcomm Qca2062 - Qualcomm Qca2064 - Qualcomm Qca2065 - Qualcomm Qca2066 - Qualcomm Qca6164 - Qualcomm Qca6174 - Qualcomm Qca6174A - Qualcomm Qca6391 - Qualcomm Qca6420 - Qualcomm Qca6430 - Qualcomm Qca6595Au - Qualcomm Qca9377 - Qualcomm Qcc2073 - Qualcomm Qcc2076 - Qualcomm Qcm5430 - Qualcomm Qcm6490 - Qualcomm Qcn7605 - Qualcomm Qcn7606 - Qualcomm Qcs5430 - Qualcomm Qcs6490 - Qualcomm Video Collaboration VC3 Platform - Qualcomm Sc8180X - Qualcomm Sdx55 - Qualcomm Sc8380Xp - Qualcomm Sdm429W - Qualcomm Snapdragon 429 Mobile Platform - Qualcomm Snapdragon 7C+ GEN 3 Compute - Qualcomm Snapdragon 8C Compute Platform - Qualcomm Snapdragon 8CX Compute Platform - Qualcomm Snapdragon 8CX GEN 2 5G Compute Platform - Qualcomm Snapdragon 8CX GEN 3 Compute Platform - Qualcomm Wcd9340 - Qualcomm Wcd9341 - Qualcomm Wcd9370 - Qualcomm Wcd9375 - Qualcomm Wcd9380 - Qualcomm Wcd9385 - Qualcomm Wcn3620 - Qualcomm Wcn3660B - Qualcomm Wsa8810 - Qualcomm Wsa8815 - Qualcomm Wsa8830 - Qualcomm Wsa8835 - Qualcomm Wsa8840 - Qualcomm Wsa8845 - Qualcomm Wsa8845H -	54

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html