Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2025-0723
Vulnerability from csaf_certbund
Published
2025-04-07 22:00
Modified
2025-04-29 22:00
Summary
Android Patchday April 2025: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erhöhen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben oder andere nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme
- Android
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erh\u00f6hen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben oder andere nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Android", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2025-0723 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0723.json" }, { "category": "self", "summary": "WID-SEC-2025-0723 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0723" }, { "category": "external", "summary": "Android Patchday April 2025 vom 2025-04-07", "url": "https://source.android.com/docs/security/bulletin/2025-04-01" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-225 vom 2025-04-29", "url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-225.html" } ], "source_lang": "en-US", "title": "Android Patchday April 2025: Mehrere Schwachstellen", "tracking": { "current_release_date": "2025-04-29T22:00:00.000+00:00", "generator": { "date": "2025-04-30T08:46:35.438+00:00", "engine": { "name": "BSI-WID", "version": "1.3.12" } }, "id": "WID-SEC-W-2025-0723", "initial_release_date": "2025-04-07T22:00:00.000+00:00", "revision_history": [ { "date": "2025-04-07T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2025-04-29T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Amazon aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "13 \u003c2025-04-07", "product": { "name": "Google Android 13 \u003c2025-04-07", "product_id": "T042438" } }, { "category": "product_version", "name": "13 2025-04-07", "product": { "name": "Google Android 13 2025-04-07", "product_id": "T042438-fixed", "product_identification_helper": { "cpe": "cpe:/o:google:android:13__2025-04-07" } } }, { "category": "product_version_range", "name": "14 \u003c2025-04-07", "product": { "name": "Google Android 14 \u003c2025-04-07", "product_id": "T042439" } }, { "category": "product_version", "name": "14 2025-04-07", "product": { "name": "Google Android 14 2025-04-07", "product_id": "T042439-fixed", "product_identification_helper": { "cpe": "cpe:/o:google:android:14__2025-04-07" } } }, { "category": "product_version_range", "name": "15 \u003c2025-04-07", "product": { "name": "Google Android 15 \u003c2025-04-07", "product_id": "T042441" } }, { "category": "product_version", "name": "15 2025-04-07", "product": { "name": "Google Android 15 2025-04-07", "product_id": "T042441-fixed", "product_identification_helper": { "cpe": "cpe:/o:google:android:15__2025-04-07" } } } ], "category": "product_name", "name": "Android" } ], "category": "vendor", "name": "Google" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-33058", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-33058" }, { "cve": "CVE-2024-40653", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-40653" }, { "cve": "CVE-2024-43065", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-43065" }, { "cve": "CVE-2024-43066", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-43066" }, { "cve": "CVE-2024-43702", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-43702" }, { "cve": "CVE-2024-43703", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-43703" }, { "cve": "CVE-2024-45549", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-45549" }, { "cve": "CVE-2024-45551", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-45551" }, { "cve": "CVE-2024-45552", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-45552" }, { "cve": "CVE-2024-46972", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-46972" }, { "cve": "CVE-2024-47894", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-47894" }, { "cve": "CVE-2024-47895", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-47895" }, { "cve": "CVE-2024-47897", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-47897" }, { "cve": "CVE-2024-49720", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-49720" }, { "cve": "CVE-2024-49722", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-49722" }, { "cve": "CVE-2024-49728", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-49728" }, { "cve": "CVE-2024-49730", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-49730" }, { "cve": "CVE-2024-49848", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-49848" }, { "cve": "CVE-2024-50264", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-50264" }, { "cve": "CVE-2024-52936", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-52936" }, { "cve": "CVE-2024-52937", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-52937" }, { "cve": "CVE-2024-52938", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-52938" }, { "cve": "CVE-2024-53150", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-53150" }, { "cve": "CVE-2024-53197", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-53197" }, { "cve": "CVE-2024-56556", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2024-56556" }, { "cve": "CVE-2025-0050", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-0050" }, { "cve": "CVE-2025-20655", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-20655" }, { "cve": "CVE-2025-20656", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-20656" }, { "cve": "CVE-2025-20657", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-20657" }, { "cve": "CVE-2025-20658", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-20658" }, { "cve": "CVE-2025-21429", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-21429" }, { "cve": "CVE-2025-21430", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-21430" }, { "cve": "CVE-2025-21434", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-21434" }, { "cve": "CVE-2025-21435", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-21435" }, { "cve": "CVE-2025-21436", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-21436" }, { "cve": "CVE-2025-21448", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-21448" }, { "cve": "CVE-2025-22416", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22416" }, { "cve": "CVE-2025-22417", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22417" }, { "cve": "CVE-2025-22418", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22418" }, { "cve": "CVE-2025-22419", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22419" }, { "cve": "CVE-2025-22421", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22421" }, { "cve": "CVE-2025-22422", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22422" }, { "cve": "CVE-2025-22423", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22423" }, { "cve": "CVE-2025-22424", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22424" }, { "cve": "CVE-2025-22426", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22426" }, { "cve": "CVE-2025-22427", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22427" }, { "cve": "CVE-2025-22428", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22428" }, { "cve": "CVE-2025-22429", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22429" }, { "cve": "CVE-2025-22430", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22430" }, { "cve": "CVE-2025-22431", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22431" }, { "cve": "CVE-2025-22432", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22432" }, { "cve": "CVE-2025-22433", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22433" }, { "cve": "CVE-2025-22434", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22434" }, { "cve": "CVE-2025-22435", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22435" }, { "cve": "CVE-2025-22437", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22437" }, { "cve": "CVE-2025-22438", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22438" }, { "cve": "CVE-2025-22439", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22439" }, { "cve": "CVE-2025-22442", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-22442" }, { "cve": "CVE-2025-26416", "product_status": { "known_affected": [ "T042438", "T042439", "398363", "T042441" ] }, "release_date": "2025-04-07T22:00:00.000+00:00", "title": "CVE-2025-26416" } ] }
CVE-2024-52938 (GCVE-0-2024-52938)
Vulnerability from cvelistv5
Published
2025-01-13 11:50
Modified
2025-01-13 14:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-823 - CWE - Use of Out-of-range Pointer Offset (4.16)
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-52938", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T14:53:02.522744Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T14:54:41.464Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM2", "status": "affected", "version": "1.15 RTM", "versionType": "custom" }, { "status": "unaffected", "version": "24.3 RTM", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eKernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest\u0027s virtualised GPU memory.\u003c/span\u003e\n\n\u003cbr\u003e" } ], "value": "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest\u0027s virtualised GPU memory." } ], "impacts": [ { "capecId": "CAPEC-480", "descriptions": [ { "lang": "en", "value": "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-13T11:50:24.185Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - rgxfw_pm_add_freelist_for_reconstruction OOB write", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-52938", "datePublished": "2025-01-13T11:50:24.185Z", "dateReserved": "2024-11-18T04:55:52.555Z", "dateUpdated": "2025-01-13T14:54:41.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-47895 (GCVE-0-2024-47895)
Vulnerability from cvelistv5
Published
2025-01-13 10:31
Modified
2025-01-13 17:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-823 - CWE - Use of Out-of-range Pointer Offset (4.16)
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-47895", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T17:28:23.176028Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T17:28:59.171Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM2", "status": "affected", "version": "1.15 RTM", "versionType": "custom" }, { "status": "unaffected", "version": "24.3 RTM", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eKernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest\u0027s virtualised GPU memory.\u003c/span\u003e" } ], "value": "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest\u0027s virtualised GPU memory." } ], "impacts": [ { "capecId": "CAPEC-480", "descriptions": [ { "lang": "en", "value": "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-13T10:31:46.842Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - OOB read into fwlog due to unchecked block count", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-47895", "datePublished": "2025-01-13T10:31:46.842Z", "dateReserved": "2024-10-04T16:08:49.937Z", "dateUpdated": "2025-01-13T17:28:59.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-43702 (GCVE-0-2024-43702)
Vulnerability from cvelistv5
Published
2024-11-30 02:30
Modified
2024-12-01 23:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-280 - CWE - Improper Handling of Insufficient Permissions or Privileges (4.15)
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < Patch: 24.2 RTM2 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:imaginationtech:ddk:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ddk", "vendor": "imaginationtech", "versions": [ { "lessThanOrEqual": "24.2_rtm1", "status": "affected", "version": "1.13_rtm", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-43702", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-01T23:03:49.943687Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-01T23:04:15.021Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM1", "status": "affected", "version": "1.13 RTM", "versionType": "custom" }, { "status": "unaffected", "version": "24.2 RTM2", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSoftware installed and run as a non-privileged user may conduct improper GPU system calls \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eto allow unprivileged access to arbitrary physical memory page.\u003c/span\u003e" } ], "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page." } ], "impacts": [ { "capecId": "CAPEC-679", "descriptions": [ { "lang": "en", "value": "CAPEC - CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections (Version 3.9)" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-280", "description": "CWE - CWE-280: Improper Handling of Insufficient Permissions or Privileges (4.15)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-30T02:30:25.404Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-43702", "datePublished": "2024-11-30T02:30:25.404Z", "dateReserved": "2024-08-15T08:21:31.533Z", "dateUpdated": "2024-12-01T23:04:15.021Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-21435 (GCVE-0-2025-21435)
Vulnerability from cvelistv5
Published
2025-04-07 10:16
Modified
2025-04-07 14:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-126 - Buffer Over-read
Summary
Transient DOS may occur while parsing extended IE in beacon.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: CSR8811 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Immersive Home 214 Platform Version: Immersive Home 216 Platform Version: Immersive Home 316 Platform Version: Immersive Home 318 Platform Version: Immersive Home 3210 Platform Version: Immersive Home 326 Platform Version: IPQ5010 Version: IPQ5028 Version: IPQ5300 Version: IPQ5302 Version: IPQ5312 Version: IPQ5332 Version: IPQ6000 Version: IPQ6010 Version: IPQ6018 Version: IPQ6028 Version: IPQ8070A Version: IPQ8071A Version: IPQ8072A Version: IPQ8074A Version: IPQ8076 Version: IPQ8076A Version: IPQ8078 Version: IPQ8078A Version: IPQ8173 Version: IPQ8174 Version: IPQ9008 Version: IPQ9048 Version: IPQ9554 Version: IPQ9570 Version: IPQ9574 Version: QAM8255P Version: QAM8650P Version: QAM8775P Version: QCA4024 Version: QCA6391 Version: QCA6421 Version: QCA6426 Version: QCA6431 Version: QCA6436 Version: QCA6554A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6777AQ Version: QCA6787AQ Version: QCA6797AQ Version: QCA8075 Version: QCA8081 Version: QCA8082 Version: QCA8084 Version: QCA8085 Version: QCA8337 Version: QCA8386 Version: QCA9888 Version: QCA9889 Version: QCC2073 Version: QCC2076 Version: QCC710 Version: QCF8000 Version: QCF8000SFP Version: QCF8001 Version: QCN5022 Version: QCN5024 Version: QCN5052 Version: QCN5122 Version: QCN5124 Version: QCN5152 Version: QCN5154 Version: QCN5164 Version: QCN6023 Version: QCN6024 Version: QCN6112 Version: QCN6122 Version: QCN6132 Version: QCN6224 Version: QCN6274 Version: QCN6402 Version: QCN6412 Version: QCN6422 Version: QCN6432 Version: QCN9000 Version: QCN9012 Version: QCN9022 Version: QCN9024 Version: QCN9070 Version: QCN9072 Version: QCN9074 Version: QCN9100 Version: QCN9160 Version: QCN9274 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: QXM8083 Version: SA6155P Version: SA8155P Version: SA8195P Version: SDX55 Version: SDX65M Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: SW5100 Version: SW5100P Version: SXR2330P Version: WCD9340 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3980 Version: WCN3988 Version: WCN6450 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21435", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T14:29:08.583159Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T14:37:48.732Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon WBC", "Snapdragon Wearables", "Snapdragon Wired Infrastructure and Networking" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "CSR8811" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Immersive Home 214 Platform" }, { "status": "affected", "version": "Immersive Home 216 Platform" }, { "status": "affected", "version": "Immersive Home 316 Platform" }, { "status": "affected", "version": "Immersive Home 318 Platform" }, { "status": "affected", "version": "Immersive Home 3210 Platform" }, { "status": "affected", "version": "Immersive Home 326 Platform" }, { "status": "affected", "version": "IPQ5010" }, { "status": "affected", "version": "IPQ5028" }, { "status": "affected", "version": "IPQ5300" }, { "status": "affected", "version": "IPQ5302" }, { "status": "affected", "version": "IPQ5312" }, { "status": "affected", "version": "IPQ5332" }, { "status": "affected", "version": "IPQ6000" }, { "status": "affected", "version": "IPQ6010" }, { "status": "affected", "version": "IPQ6018" }, { "status": "affected", "version": "IPQ6028" }, { "status": "affected", "version": "IPQ8070A" }, { "status": "affected", "version": "IPQ8071A" }, { "status": "affected", "version": "IPQ8072A" }, { "status": "affected", "version": "IPQ8074A" }, { "status": "affected", "version": "IPQ8076" }, { "status": "affected", "version": "IPQ8076A" }, { "status": "affected", "version": "IPQ8078" }, { "status": "affected", "version": "IPQ8078A" }, { "status": "affected", "version": "IPQ8173" }, { "status": "affected", "version": "IPQ8174" }, { "status": "affected", "version": "IPQ9008" }, { "status": "affected", "version": "IPQ9048" }, { "status": "affected", "version": "IPQ9554" }, { "status": "affected", "version": "IPQ9570" }, { "status": "affected", "version": "IPQ9574" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QCA4024" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6777AQ" }, { "status": "affected", "version": "QCA6787AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8075" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8082" }, { "status": "affected", "version": "QCA8084" }, { "status": "affected", "version": "QCA8085" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA8386" }, { "status": "affected", "version": "QCA9888" }, { "status": "affected", "version": "QCA9889" }, { "status": "affected", "version": "QCC2073" }, { "status": "affected", "version": "QCC2076" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCF8000" }, { "status": "affected", "version": "QCF8000SFP" }, { "status": "affected", "version": "QCF8001" }, { "status": "affected", "version": "QCN5022" }, { "status": "affected", "version": "QCN5024" }, { "status": "affected", "version": "QCN5052" }, { "status": "affected", "version": "QCN5122" }, { "status": "affected", "version": "QCN5124" }, { "status": "affected", "version": "QCN5152" }, { "status": "affected", "version": "QCN5154" }, { "status": "affected", "version": "QCN5164" }, { "status": "affected", "version": "QCN6023" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6112" }, { "status": "affected", "version": "QCN6122" }, { "status": "affected", "version": "QCN6132" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN6402" }, { "status": "affected", "version": "QCN6412" }, { "status": "affected", "version": "QCN6422" }, { "status": "affected", "version": "QCN6432" }, { "status": "affected", "version": "QCN9000" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9022" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9070" }, { "status": "affected", "version": "QCN9072" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCN9100" }, { "status": "affected", "version": "QCN9160" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "QXM8083" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX65M" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN6450" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS may occur while parsing extended IE in beacon." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:16:02.146Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Buffer Over-read in WLAN Host Communication" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2025-21435", "datePublished": "2025-04-07T10:16:02.146Z", "dateReserved": "2024-12-18T09:50:08.920Z", "dateUpdated": "2025-04-07T14:37:48.732Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-49848 (GCVE-0-2024-49848)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
Memory corruption while processing multiple IOCTL calls from HLOS to DSP.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6900 Version: FastConnect 7800 Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6174A Version: QCA6391 Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCC710 Version: QCM4325 Version: QCM4490 Version: QCM6125 Version: QCM8550 Version: QCN6224 Version: QCN6274 Version: QCN9011 Version: QCN9012 Version: QCS4490 Version: QCS6125 Version: QCS7230 Version: QCS8250 Version: QCS8550 Version: QDU1000 Version: QDU1010 Version: QDU1110 Version: QDU1210 Version: QDX1010 Version: QDX1011 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: QRU1032 Version: QRU1052 Version: QRU1062 Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC5 Platform Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SD 8 Gen1 5G Version: SG4150P Version: SG8275P Version: SM4635 Version: SM6650 Version: SM7635 Version: SM7675 Version: SM7675P Version: SM8550P Version: SM8635 Version: SM8635P Version: SM8650Q Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 4 Gen 2 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 662 Mobile Platform Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: SRV1H Version: SRV1L Version: SRV1M Version: SSG2115P Version: SSG2125P Version: SW5100 Version: SW5100P Version: SXR1230P Version: SXR2230P Version: SXR2250P Version: TalynPlus Version: Vision Intelligence 400 Platform Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WCN6450 Version: WCN6650 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-49848", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-08T03:56:13.620Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon CCW", "Snapdragon Compute", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon WBC", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS7230" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QDU1000" }, { "status": "affected", "version": "QDU1010" }, { "status": "affected", "version": "QDU1110" }, { "status": "affected", "version": "QDU1210" }, { "status": "affected", "version": "QDX1010" }, { "status": "affected", "version": "QDX1011" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "QRU1032" }, { "status": "affected", "version": "QRU1052" }, { "status": "affected", "version": "QRU1062" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC5 Platform" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SG8275P" }, { "status": "affected", "version": "SM4635" }, { "status": "affected", "version": "SM6650" }, { "status": "affected", "version": "SM7635" }, { "status": "affected", "version": "SM7675" }, { "status": "affected", "version": "SM7675P" }, { "status": "affected", "version": "SM8550P" }, { "status": "affected", "version": "SM8635" }, { "status": "affected", "version": "SM8635P" }, { "status": "affected", "version": "SM8650Q" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "SXR2250P" }, { "status": "affected", "version": "TalynPlus" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6450" }, { "status": "affected", "version": "WCN6650" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption while processing multiple IOCTL calls from HLOS to DSP." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:50.191Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Use After Free in DSP Service" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-49848", "datePublished": "2025-04-07T10:15:50.191Z", "dateReserved": "2024-10-20T17:18:43.218Z", "dateUpdated": "2025-04-08T03:56:13.620Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-46972 (GCVE-0-2024-46972)
Vulnerability from cvelistv5
Published
2024-12-28 04:53
Modified
2025-03-13 13:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-911 - CWE - Improper Update of Reference Count
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 24.1 RTM < |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-46972", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-28T16:43:59.072034Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-13T13:48:09.321Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "status": "affected", "version": "24.1 RTM", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions." } ], "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions." } ], "impacts": [ { "capecId": "CAPEC-92", "descriptions": [ { "lang": "en", "value": "CAPEC-92 Forced Integer Overflow" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-911", "description": "CWE - CWE-911: Improper Update of Reference Count", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-28T04:53:56.594Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - Security: Reference count overflow in pvr_sync_rollback_export_fence", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-46972", "datePublished": "2024-12-28T04:53:56.594Z", "dateReserved": "2024-09-16T13:20:45.924Z", "dateUpdated": "2025-03-13T13:48:09.321Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-21448 (GCVE-0-2025-21448)
Vulnerability from cvelistv5
Published
2025-04-07 10:16
Modified
2025-04-07 14:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-126 - Buffer Over-read
Summary
Transient DOS may occur while parsing SSID in action frames.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: 315 5G IoT Modem Version: AQT1000 Version: AR8035 Version: AR9380 Version: CSR8811 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: Immersive Home 214 Platform Version: Immersive Home 216 Platform Version: Immersive Home 316 Platform Version: Immersive Home 318 Platform Version: IPQ5010 Version: IPQ5028 Version: IPQ6010 Version: IPQ6018 Version: IPQ6028 Version: IPQ8064 Version: IPQ8065 Version: IPQ8068 Version: IPQ8070 Version: IPQ8070A Version: IPQ8071A Version: IPQ8072A Version: IPQ8074A Version: IPQ8076 Version: IPQ8076A Version: IPQ8078 Version: IPQ8078A Version: IPQ8173 Version: IPQ8174 Version: IPQ9554 Version: IPQ9570 Version: IPQ9574 Version: PMP8074 Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA0000 Version: QCA1062 Version: QCA1064 Version: QCA2062 Version: QCA2064 Version: QCA2065 Version: QCA2066 Version: QCA4024 Version: QCA6174A Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6554A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6777AQ Version: QCA6787AQ Version: QCA6797AQ Version: QCA8072 Version: QCA8075 Version: QCA8081 Version: QCA8337 Version: QCA9886 Version: QCA9888 Version: QCA9889 Version: QCA9980 Version: QCA9984 Version: QCA9985 Version: QCA9986 Version: QCA9990 Version: QCA9992 Version: QCA9994 Version: QCC2073 Version: QCC2076 Version: QCC710 Version: QCM4490 Version: QCM5430 Version: QCM6490 Version: QCM8550 Version: QCN5021 Version: QCN5022 Version: QCN5024 Version: QCN5052 Version: QCN5054 Version: QCN5122 Version: QCN5124 Version: QCN5152 Version: QCN5154 Version: QCN5164 Version: QCN6023 Version: QCN6024 Version: QCN6100 Version: QCN6102 Version: QCN6112 Version: QCN6122 Version: QCN6132 Version: QCN6224 Version: QCN6274 Version: QCN9000 Version: QCN9001 Version: QCN9002 Version: QCN9003 Version: QCN9011 Version: QCN9012 Version: QCN9022 Version: QCN9024 Version: QCN9070 Version: QCN9072 Version: QCN9074 Version: QCN9100 Version: QCN9274 Version: QCS4490 Version: QCS5430 Version: QCS6490 Version: QCS7230 Version: QCS8250 Version: QCS8300 Version: QCS8550 Version: QCS9100 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: QRB5165M Version: QRB5165N Version: QSM8250 Version: QSM8350 Version: Qualcomm Video Collaboration VC3 Platform Version: Qualcomm Video Collaboration VC5 Platform Version: Robotics RB5 Platform Version: SA4150P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SC8180X+SDX55 Version: SC8380XP Version: SD 8 Gen1 5G Version: SD865 5G Version: SD888 Version: SDX55 Version: SDX61 Version: SG8275P Version: SM6650 Version: SM7315 Version: SM7325P Version: SM7635 Version: SM7675 Version: SM7675P Version: SM8550P Version: SM8635 Version: SM8635P Version: SM8650Q Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 778G 5G Mobile Platform Version: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Version: Snapdragon 780G 5G Mobile Platform Version: Snapdragon 782G Mobile Platform (SM7325-AF) Version: Snapdragon 7c+ Gen 3 Compute Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Version: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Version: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Version: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X62 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon Auto 4G Modem Version: SRV1H Version: SRV1L Version: SRV1M Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2130 Version: SXR2230P Version: SXR2250P Version: SXR2330P Version: WCD9340 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3950 Version: WCN3980 Version: WCN6450 Version: WCN6650 Version: WCN6740 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21448", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T14:02:48.532718Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T14:03:06.045Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon CCW", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon MC", "Snapdragon Mobile", "Snapdragon Technology", "Snapdragon WBC", "Snapdragon Wired Infrastructure and Networking" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "AR9380" }, { "status": "affected", "version": "CSR8811" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "Immersive Home 214 Platform" }, { "status": "affected", "version": "Immersive Home 216 Platform" }, { "status": "affected", "version": "Immersive Home 316 Platform" }, { "status": "affected", "version": "Immersive Home 318 Platform" }, { "status": "affected", "version": "IPQ5010" }, { "status": "affected", "version": "IPQ5028" }, { "status": "affected", "version": "IPQ6010" }, { "status": "affected", "version": "IPQ6018" }, { "status": "affected", "version": "IPQ6028" }, { "status": "affected", "version": "IPQ8064" }, { "status": "affected", "version": "IPQ8065" }, { "status": "affected", "version": "IPQ8068" }, { "status": "affected", "version": "IPQ8070" }, { "status": "affected", "version": "IPQ8070A" }, { "status": "affected", "version": "IPQ8071A" }, { "status": "affected", "version": "IPQ8072A" }, { "status": "affected", "version": "IPQ8074A" }, { "status": "affected", "version": "IPQ8076" }, { "status": "affected", "version": "IPQ8076A" }, { "status": "affected", "version": "IPQ8078" }, { "status": "affected", "version": "IPQ8078A" }, { "status": "affected", "version": "IPQ8173" }, { "status": "affected", "version": "IPQ8174" }, { "status": "affected", "version": "IPQ9554" }, { "status": "affected", "version": "IPQ9570" }, { "status": "affected", "version": "IPQ9574" }, { "status": "affected", "version": "PMP8074" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA0000" }, { "status": "affected", "version": "QCA1062" }, { "status": "affected", "version": "QCA1064" }, { "status": "affected", "version": "QCA2062" }, { "status": "affected", "version": "QCA2064" }, { "status": "affected", "version": "QCA2065" }, { "status": "affected", "version": "QCA2066" }, { "status": "affected", "version": "QCA4024" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6777AQ" }, { "status": "affected", "version": "QCA6787AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8072" }, { "status": "affected", "version": "QCA8075" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9886" }, { "status": "affected", "version": "QCA9888" }, { "status": "affected", "version": "QCA9889" }, { "status": "affected", "version": "QCA9980" }, { "status": "affected", "version": "QCA9984" }, { "status": "affected", "version": "QCA9985" }, { "status": "affected", "version": "QCA9986" }, { "status": "affected", "version": "QCA9990" }, { "status": "affected", "version": "QCA9992" }, { "status": "affected", "version": "QCA9994" }, { "status": "affected", "version": "QCC2073" }, { "status": "affected", "version": "QCC2076" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM5430" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN5021" }, { "status": "affected", "version": "QCN5022" }, { "status": "affected", "version": "QCN5024" }, { "status": "affected", "version": "QCN5052" }, { "status": "affected", "version": "QCN5054" }, { "status": "affected", "version": "QCN5122" }, { "status": "affected", "version": "QCN5124" }, { "status": "affected", "version": "QCN5152" }, { "status": "affected", "version": "QCN5154" }, { "status": "affected", "version": "QCN5164" }, { "status": "affected", "version": "QCN6023" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6100" }, { "status": "affected", "version": "QCN6102" }, { "status": "affected", "version": "QCN6112" }, { "status": "affected", "version": "QCN6122" }, { "status": "affected", "version": "QCN6132" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN9000" }, { "status": "affected", "version": "QCN9001" }, { "status": "affected", "version": "QCN9002" }, { "status": "affected", "version": "QCN9003" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9022" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9070" }, { "status": "affected", "version": "QCN9072" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCN9100" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS5430" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS7230" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8300" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QCS9100" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "QSM8350" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC5 Platform" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SC8180X+SDX55" }, { "status": "affected", "version": "SC8380XP" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX61" }, { "status": "affected", "version": "SG8275P" }, { "status": "affected", "version": "SM6650" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "SM7635" }, { "status": "affected", "version": "SM7675" }, { "status": "affected", "version": "SM7675P" }, { "status": "affected", "version": "SM8550P" }, { "status": "affected", "version": "SM8635" }, { "status": "affected", "version": "SM8635P" }, { "status": "affected", "version": "SM8650Q" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X62 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "SXR2250P" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN6450" }, { "status": "affected", "version": "WCN6650" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS may occur while parsing SSID in action frames." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:16:15.565Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Buffer Over-read in WLAN Firmware" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2025-21448", "datePublished": "2025-04-07T10:16:15.565Z", "dateReserved": "2024-12-18T09:50:08.923Z", "dateUpdated": "2025-04-07T14:03:06.045Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-43065 (GCVE-0-2024-43065)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-07 15:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-749 - Exposed Dangerous Method or Function
Summary
Cryptographic issues while generating an asymmetric key pair for RKP use cases.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6174A Version: QCA6391 Version: QCA6421 Version: QCA6426 Version: QCA6431 Version: QCA6436 Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCC710 Version: QCM4325 Version: QCM5430 Version: QCM6490 Version: QCM8550 Version: QCN6224 Version: QCN6274 Version: QCN9274 Version: QCS5430 Version: QCS6490 Version: QCS8300 Version: QCS8550 Version: QCS9100 Version: QDU1000 Version: QDU1010 Version: QDU1110 Version: QDU1210 Version: QDX1010 Version: QDX1011 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: QRU1032 Version: QRU1052 Version: QRU1062 Version: QSM8350 Version: Qualcomm Video Collaboration VC3 Platform Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8145P Version: SA8150P Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SA8530P Version: SA8540P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SC8380XP Version: SD 8 Gen1 5G Version: SD865 5G Version: SDM429W Version: SG4150P Version: SM4635 Version: SM6650 Version: SM7250P Version: SM7635 Version: SM7675 Version: SM7675P Version: SM8635 Version: SM8635P Version: SM8650Q Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 662 Mobile Platform Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 765 5G Mobile Platform (SM7250-AA) Version: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Version: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon Wear 4100+ Platform Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X62 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: Snapdragon XR2 5G Platform Version: SRV1H Version: SRV1L Version: SRV1M Version: SXR2130 Version: SXR2330P Version: WCD9340 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3620 Version: WCN3660B Version: WCN3680B Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN6450 Version: WCN6650 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43065", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T15:56:06.529335Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T15:56:17.559Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Technology", "Snapdragon WBC", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM5430" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS5430" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS8300" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QCS9100" }, { "status": "affected", "version": "QDU1000" }, { "status": "affected", "version": "QDU1010" }, { "status": "affected", "version": "QDU1110" }, { "status": "affected", "version": "QDU1210" }, { "status": "affected", "version": "QDX1010" }, { "status": "affected", "version": "QDX1011" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "QRU1032" }, { "status": "affected", "version": "QRU1052" }, { "status": "affected", "version": "QRU1062" }, { "status": "affected", "version": "QSM8350" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8530P" }, { "status": "affected", "version": "SA8540P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SC8380XP" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SM4635" }, { "status": "affected", "version": "SM6650" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7635" }, { "status": "affected", "version": "SM7675" }, { "status": "affected", "version": "SM7675P" }, { "status": "affected", "version": "SM8635" }, { "status": "affected", "version": "SM8635P" }, { "status": "affected", "version": "SM8650Q" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon Wear 4100+ Platform" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X62 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN6450" }, { "status": "affected", "version": "WCN6650" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Cryptographic issues while generating an asymmetric key pair for RKP use cases." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-749", "description": "CWE-749: Exposed Dangerous Method or Function", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:35.110Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Exposed Dangerous Method or Function in HLOS" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-43065", "datePublished": "2025-04-07T10:15:35.110Z", "dateReserved": "2024-08-05T14:22:16.920Z", "dateUpdated": "2025-04-07T15:56:17.559Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20657 (GCVE-0-2025-20657)
Vulnerability from cvelistv5
Published
2025-04-07 03:14
Modified
2025-04-09 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
MediaTek, Inc. | MT6765, MT6768, MT6781, MT6789, MT6833, MT6853, MT6877, MT6885, MT8768, MT8771, MT8781, MT8786, MT8791T |
Version: Android 12.0, 15.0 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-20657", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-08T03:55:50.341567Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-09T18:28:29.603Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "MT6765, MT6768, MT6781, MT6789, MT6833, MT6853, MT6877, MT6885, MT8768, MT8771, MT8781, MT8786, MT8791T", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 12.0, 15.0" } ] } ], "descriptions": [ { "lang": "en", "value": "In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T03:14:50.803Z", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/April-2025" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2025-20657", "datePublished": "2025-04-07T03:14:50.803Z", "dateReserved": "2024-11-01T01:21:50.367Z", "dateUpdated": "2025-04-09T18:28:29.603Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-21434 (GCVE-0-2025-21434)
Vulnerability from cvelistv5
Published
2025-04-07 10:16
Modified
2025-04-07 14:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-126 - Buffer Over-read
Summary
Transient DOS may occur while parsing EHT operation IE or EHT capability IE.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: FastConnect 6700 Version: FastConnect 6900 Version: FastConnect 7800 Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6391 Version: QCA6554A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6777AQ Version: QCA6787AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCC2073 Version: QCC2076 Version: QCC710 Version: QCM5430 Version: QCM6490 Version: QCM8550 Version: QCN6224 Version: QCN6274 Version: QCN9011 Version: QCN9012 Version: QCN9274 Version: QCS5430 Version: QCS615 Version: QCS6490 Version: QCS7230 Version: QCS8250 Version: QCS8300 Version: QCS8550 Version: QCS9100 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: Qualcomm Video Collaboration VC3 Platform Version: Qualcomm Video Collaboration VC5 Platform Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SA8530P Version: SA8540P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SG8275P Version: SM6650 Version: SM7635 Version: SM7675 Version: SM7675P Version: SM8550P Version: SM8635 Version: SM8635P Version: SM8650Q Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: SRV1H Version: SRV1L Version: SRV1M Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2230P Version: SXR2250P Version: SXR2330P Version: Vision Intelligence 400 Platform Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3990 Version: WCN6650 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21434", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T14:41:31.783175Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T14:48:58.277Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon WBC" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6777AQ" }, { "status": "affected", "version": "QCA6787AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCC2073" }, { "status": "affected", "version": "QCC2076" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM5430" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS5430" }, { "status": "affected", "version": "QCS615" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS7230" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8300" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QCS9100" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC5 Platform" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8530P" }, { "status": "affected", "version": "SA8540P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SG8275P" }, { "status": "affected", "version": "SM6650" }, { "status": "affected", "version": "SM7635" }, { "status": "affected", "version": "SM7675" }, { "status": "affected", "version": "SM7675P" }, { "status": "affected", "version": "SM8550P" }, { "status": "affected", "version": "SM8635" }, { "status": "affected", "version": "SM8635P" }, { "status": "affected", "version": "SM8650Q" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "SXR2250P" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6650" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS may occur while parsing EHT operation IE or EHT capability IE." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:16:00.794Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Buffer Over-read in WLAN Host" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2025-21434", "datePublished": "2025-04-07T10:16:00.794Z", "dateReserved": "2024-12-18T09:50:08.920Z", "dateUpdated": "2025-04-07T14:48:58.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-43066 (GCVE-0-2024-43066)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-07 18:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
Memory corruption while handling file descriptor during listener registration/de-registration.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: MDM9650 Version: QAM8295P Version: QCA6310 Version: QCA6335 Version: QCA6391 Version: QCA6426 Version: QCA6436 Version: QCA6564 Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCA6698AQ Version: QCM6490 Version: QCS410 Version: QCS610 Version: QCS6490 Version: QCS8550 Version: Qualcomm 205 Mobile Platform Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC3 Platform Version: Robotics RB3 Platform Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8295P Version: SD660 Version: SD865 5G Version: SDM429W Version: SG4150P Version: SM4125 Version: SM6370 Version: Snapdragon 210 Processor Version: Snapdragon 212 Mobile Platform Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 660 Mobile Platform Version: Snapdragon 662 Mobile Platform Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 820 Automotive Platform Version: Snapdragon 845 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: Snapdragon Auto 4G Modem Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR2130 Version: Vision Intelligence 400 Platform Version: WCD9326 Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3610 Version: WCN3620 Version: WCN3660B Version: WCN3680B Version: WCN3910 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8835 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43066", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T18:47:30.338190Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T18:57:53.736Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "MDM9650" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "Robotics RB3 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM6370" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon 845 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption while handling file descriptor during listener registration/de-registration." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:36.557Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Use After Free in HLOS" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-43066", "datePublished": "2025-04-07T10:15:36.557Z", "dateReserved": "2024-08-05T14:22:16.920Z", "dateUpdated": "2025-04-07T18:57:53.736Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-0050 (GCVE-0-2025-0050)
Vulnerability from cvelistv5
Published
2025-04-07 12:02
Modified
2025-04-10 14:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.
References
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
► | Arm Ltd | Valhall GPU Userspace Driver |
Version: r19p0 Version: r50p0 |
|||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-0050", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-08T18:52:53.846867Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-08T18:53:11.251Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Valhall GPU Userspace Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p3", "status": "unaffected" } ], "lessThanOrEqual": "r49p2", "status": "affected", "version": "r19p0", "versionType": "patch" }, { "changes": [ { "at": "r54p0", "status": "unaffected" } ], "lessThanOrEqual": "r53p0", "status": "affected", "version": "r50p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Userspace Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p3", "status": "unaffected" } ], "lessThanOrEqual": "r49p2", "status": "affected", "version": "r41p0", "versionType": "patch" }, { "changes": [ { "at": "r54p0", "status": "unaffected" } ], "lessThanOrEqual": "r53p0", "status": "affected", "version": "r50p0", "versionType": "patch" } ] }, { "defaultStatus": "unaffected", "product": "Bifrost GPU Userspace Driver", "vendor": "Arm Ltd", "versions": [ { "changes": [ { "at": "r49p3", "status": "unaffected" } ], "lessThanOrEqual": "r49p2", "status": "affected", "version": "r0p0", "versionType": "patch" }, { "lessThanOrEqual": "r51p0", "status": "affected", "version": "r50p0", "versionType": "patch" } ] } ], "datePublic": "2025-04-07T08:30:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.\u003cp\u003eThis issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.\u003c/p\u003e" } ], "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-10T14:06:48.933Z", "orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm" }, "references": [ { "url": "https://developer.arm.com/documentation/110435/latest/" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue has been fixed in the following versions:\u003cbr\u003e\u003cul\u003e\u003cli\u003eBifrost GPU Userspace Driver r49p3\u003cbr\u003e\u003c/li\u003e\u003cli\u003eValhall GPU Userspace Driver r49p3 and r54p0\u003cbr\u003e\u003c/li\u003e\u003cli\u003eArm 5th Gen GPU Architecture Userspace Driver r49p3 and r54p0\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003eArm recommends that affected users upgrade to the latest applicable version to protect against this issue.\u003cbr\u003e" } ], "value": "This issue has been fixed in the following versions:\n * Bifrost GPU Userspace Driver r49p3\n\n * Valhall GPU Userspace Driver r49p3 and r54p0\n\n * Arm 5th Gen GPU Architecture Userspace Driver r49p3 and r54p0\n\n\n\nArm recommends that affected users upgrade to the latest applicable version to protect against this issue." } ], "source": { "discovery": "UNKNOWN" }, "title": "Mali GPU Userspace Driver allows an Out-of-Bounds access", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "assignerShortName": "Arm", "cveId": "CVE-2025-0050", "datePublished": "2025-04-07T12:02:02.367Z", "dateReserved": "2024-12-04T12:04:28.963Z", "dateUpdated": "2025-04-10T14:06:48.933Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-45551 (GCVE-0-2024-45551)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-07 16:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1390 - Weak Authentication
Summary
Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: AQT1000 Version: AR8035 Version: CSRA6620 Version: CSRA6640 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6174A Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCC710 Version: QCM2290 Version: QCM4290 Version: QCM4325 Version: QCM4490 Version: QCM5430 Version: QCM6125 Version: QCM6490 Version: QCM8550 Version: QCN6024 Version: QCN6224 Version: QCN6274 Version: QCN7606 Version: QCN9011 Version: QCN9012 Version: QCN9024 Version: QCN9274 Version: QCS2290 Version: QCS4290 Version: QCS4490 Version: QCS5430 Version: QCS6125 Version: QCS6490 Version: QCS7230 Version: QCS8250 Version: QCS8300 Version: QCS8550 Version: QCS9100 Version: QDU1000 Version: QDU1010 Version: QDU1110 Version: QDU1210 Version: QDX1010 Version: QDX1011 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: QRB5165M Version: QRB5165N Version: QRU1032 Version: QRU1052 Version: QRU1062 Version: QSM8350 Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC3 Platform Version: Qualcomm Video Collaboration VC5 Platform Version: Robotics RB2 Platform Version: Robotics RB5 Platform Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SA8530P Version: SA8540P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SC8380XP Version: SD 8 Gen1 5G Version: SD670 Version: SD730 Version: SD855 Version: SD865 5G Version: SD888 Version: SDX61 Version: SG4150P Version: SG8275P Version: SM4125 Version: SM4635 Version: SM6250 Version: SM6370 Version: SM6650 Version: SM7250P Version: SM7315 Version: SM7325P Version: SM7635 Version: SM7675 Version: SM7675P Version: SM8550P Version: SM8635 Version: SM8635P Version: SM8650Q Version: SM8735 Version: SM8750 Version: SM8750P Version: Smart Audio 400 Platform Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 4 Gen 2 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 662 Mobile Platform Version: Snapdragon 665 Mobile Platform Version: Snapdragon 670 Mobile Platform Version: Snapdragon 675 Mobile Platform Version: Snapdragon 678 Mobile Platform (SM6150-AC) Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 690 5G Mobile Platform Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 710 Mobile Platform Version: Snapdragon 720G Mobile Platform Version: Snapdragon 730 Mobile Platform (SM7150-AA) Version: Snapdragon 730G Mobile Platform (SM7150-AB) Version: Snapdragon 732G Mobile Platform (SM7150-AC) Version: Snapdragon 750G 5G Mobile Platform Version: Snapdragon 765 5G Mobile Platform (SM7250-AA) Version: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Version: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Version: Snapdragon 778G 5G Mobile Platform Version: Snapdragon 778G+ 5G Mobile Platform (SM7325-AE) Version: Snapdragon 780G 5G Mobile Platform Version: Snapdragon 782G Mobile Platform (SM7325-AF) Version: Snapdragon 7c+ Gen 3 Compute Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon 855 Mobile Platform Version: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X50 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X62 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: SRV1H Version: SRV1L Version: SRV1M Version: SSG2115P Version: SSG2125P Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR1230P Version: SXR2130 Version: SXR2230P Version: SXR2250P Version: SXR2330P Version: TalynPlus Version: WCD9326 Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3910 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WCN6450 Version: WCN6650 Version: WCN6740 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-45551", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T16:48:01.206262Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T16:49:45.365Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon CCW", "Snapdragon Compute", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Technology", "Snapdragon WBC", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM4325" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM5430" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN7606" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS5430" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS7230" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8300" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QCS9100" }, { "status": "affected", "version": "QDU1000" }, { "status": "affected", "version": "QDU1010" }, { "status": "affected", "version": "QDU1110" }, { "status": "affected", "version": "QDU1210" }, { "status": "affected", "version": "QDX1010" }, { "status": "affected", "version": "QDX1011" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "QRU1032" }, { "status": "affected", "version": "QRU1052" }, { "status": "affected", "version": "QRU1062" }, { "status": "affected", "version": "QSM8350" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC5 Platform" }, { "status": "affected", "version": "Robotics RB2 Platform" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8530P" }, { "status": "affected", "version": "SA8540P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SC8380XP" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SD888" }, { "status": "affected", "version": "SDX61" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SG8275P" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM4635" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM6370" }, { "status": "affected", "version": "SM6650" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7315" }, { "status": "affected", "version": "SM7325P" }, { "status": "affected", "version": "SM7635" }, { "status": "affected", "version": "SM7675" }, { "status": "affected", "version": "SM7675P" }, { "status": "affected", "version": "SM8550P" }, { "status": "affected", "version": "SM8635" }, { "status": "affected", "version": "SM8635P" }, { "status": "affected", "version": "SM8650Q" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 665 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 670 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 710 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 720G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)" }, { "status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)" }, { "status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 778G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)" }, { "status": "affected", "version": "Snapdragon 780G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 782G Mobile Platform (SM7325-AF)" }, { "status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X62 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "SXR2250P" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "TalynPlus" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6450" }, { "status": "affected", "version": "WCN6650" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1390", "description": "CWE-1390: Weak Authentication", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:44.780Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Weak Authentication in HLOS" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-45551", "datePublished": "2025-04-07T10:15:44.780Z", "dateReserved": "2024-09-02T10:26:15.222Z", "dateUpdated": "2025-04-07T16:49:45.365Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20655 (GCVE-0-2025-20655)
Vulnerability from cvelistv5
Published
2025-04-07 03:14
Modified
2025-04-07 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
MediaTek, Inc. | MT9972 |
Version: Android 12.0, 14.0 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-20655", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T14:21:06.053412Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T18:23:10.649Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "MT9972", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 12.0, 14.0" } ] } ], "descriptions": [ { "lang": "en", "value": "In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T03:14:47.279Z", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/April-2025" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2025-20655", "datePublished": "2025-04-07T03:14:47.279Z", "dateReserved": "2024-11-01T01:21:50.367Z", "dateUpdated": "2025-04-07T18:23:10.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-33058 (GCVE-0-2024-33058)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-07 16:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1220 - Insufficient Granularity of Access Control
Summary
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: AQT1000 Version: AR8035 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6174A Version: QCA6310 Version: QCA6335 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCA9377 Version: QCC710 Version: QCM5430 Version: QCM6490 Version: QCM8550 Version: QCN6224 Version: QCN6274 Version: QCN9274 Version: QCS5430 Version: QCS6490 Version: QCS8300 Version: QCS8550 Version: QCS9100 Version: QDU1000 Version: QDU1010 Version: QDU1110 Version: QDU1210 Version: QDX1010 Version: QDX1011 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: QRU1032 Version: QRU1052 Version: QRU1062 Version: QSM8350 Version: Qualcomm Video Collaboration VC3 Platform Version: Robotics RB3 Platform Version: SA6145P Version: SA6155 Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8255P Version: SA8295P Version: SA8540P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SC8380XP Version: SD 675 Version: SD 8 Gen1 5G Version: SD 8CX Version: SD670 Version: SD675 Version: SD855 Version: SD865 5G Version: SDX55 Version: SDX57M Version: SDX80M Version: SM4635 Version: SM6650 Version: SM7250P Version: SM7635 Version: SM7675 Version: SM7675P Version: SM8635 Version: SM8635P Version: SM8650Q Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 670 Mobile Platform Version: Snapdragon 675 Mobile Platform Version: Snapdragon 678 Mobile Platform (SM6150-AC) Version: Snapdragon 765 5G Mobile Platform (SM7250-AA) Version: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Version: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 845 Mobile Platform Version: Snapdragon 850 Mobile Compute Platform Version: Snapdragon 855 Mobile Platform Version: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 888 5G Mobile Platform Version: Snapdragon 888+ 5G Mobile Platform (SM8350-AC) Version: Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite" Version: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Version: Snapdragon 8cx Compute Platform (SC8180X-AA, AB) Version: Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro" Version: Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon X24 LTE Modem Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X50 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X62 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: Snapdragon XR2 5G Platform Version: SRV1H Version: SRV1L Version: SRV1M Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2130 Version: SXR2330P Version: Vision Intelligence 300 Platform Version: Vision Intelligence 400 Platform Version: WCD9326 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WCN6450 Version: WCN6650 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-33058", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T16:05:48.684802Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T16:06:36.533Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon MDM", "Snapdragon Mobile", "Snapdragon Technology", "Snapdragon WBC" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM5430" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS5430" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS8300" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QCS9100" }, { "status": "affected", "version": "QDU1000" }, { "status": "affected", "version": "QDU1010" }, { "status": "affected", "version": "QDU1110" }, { "status": "affected", "version": "QDU1210" }, { "status": "affected", "version": "QDX1010" }, { "status": "affected", "version": "QDX1011" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "QRU1032" }, { "status": "affected", "version": "QRU1052" }, { "status": "affected", "version": "QRU1062" }, { "status": "affected", "version": "QSM8350" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "Robotics RB3 Platform" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8540P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SC8380XP" }, { "status": "affected", "version": "SD 675" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD 8CX" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD675" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX57M" }, { "status": "affected", "version": "SDX80M" }, { "status": "affected", "version": "SM4635" }, { "status": "affected", "version": "SM6650" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM7635" }, { "status": "affected", "version": "SM7675" }, { "status": "affected", "version": "SM7675P" }, { "status": "affected", "version": "SM8635" }, { "status": "affected", "version": "SM8635P" }, { "status": "affected", "version": "SM8650Q" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 670 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 845 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 850 Mobile Compute Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 888 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\"" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\"" }, { "status": "affected", "version": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon X24 LTE Modem" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X62 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "Vision Intelligence 300 Platform" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WCN6450" }, { "status": "affected", "version": "WCN6650" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1220", "description": "CWE-1220: Insufficient Granularity of Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:30.276Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Insufficient Granularity of Access Control in Core" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-33058", "datePublished": "2025-04-07T10:15:30.276Z", "dateReserved": "2024-04-23T04:42:06.935Z", "dateUpdated": "2025-04-07T16:06:36.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-21436 (GCVE-0-2025-21436)
Vulnerability from cvelistv5
Published
2025-04-07 10:16
Modified
2025-04-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: FastConnect 7800 Version: QMP1000 Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon W5+ Gen 1 Wearable Platform Version: SW5100 Version: SW5100P Version: SXR2330P Version: WCD9378 Version: WCD9380 Version: WCD9390 Version: WCD9395 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21436", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-08T03:56:04.288Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Compute", "Snapdragon Mobile", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:16:03.513Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Use After Free in DSP Service" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2025-21436", "datePublished": "2025-04-07T10:16:03.513Z", "dateReserved": "2024-12-18T09:50:08.920Z", "dateUpdated": "2025-04-08T03:56:04.288Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-21429 (GCVE-0-2025-21429)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-126 - Buffer Over-read
Summary
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: 9206 LTE Modem Version: APQ8017 Version: APQ8064AU Version: AQT1000 Version: AR8035 Version: C-V2X 9150 Version: CSRA6620 Version: CSRA6640 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: MDM9250 Version: MDM9628 Version: MDM9640 Version: MDM9650 Version: MSM8996AU Version: QAM8255P Version: QAM8650P Version: QAM8775P Version: QCA6174A Version: QCA6175A Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6554A Version: QCA6564 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6777AQ Version: QCA6787AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCA9367 Version: QCA9377 Version: QCC2073 Version: QCC2076 Version: QCM2290 Version: QCM4290 Version: QCM5430 Version: QCM6125 Version: QCM6490 Version: QCN6024 Version: QCN9024 Version: QCN9074 Version: QCS2290 Version: QCS410 Version: QCS4290 Version: QCS5430 Version: QCS610 Version: QCS6125 Version: QCS6490 Version: Qualcomm 205 Mobile Platform Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC3 Platform Version: SA2150P Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8530P Version: SA8540P Version: SA9000P Version: SD626 Version: SD660 Version: SD670 Version: SD730 Version: SD855 Version: SD865 5G Version: SDM429W Version: SDX55 Version: SDX61 Version: SM4125 Version: SM6250 Version: SM6370 Version: Smart Audio 200 Platform Version: Smart Audio 400 Platform Version: Smart Display 200 Platform (APQ5053-AA) Version: Snapdragon 1200 Wearable Platform Version: Snapdragon 210 Processor Version: Snapdragon 212 Mobile Platform Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 625 Mobile Platform Version: Snapdragon 626 Mobile Platform Version: Snapdragon 660 Mobile Platform Version: Snapdragon 662 Mobile Platform Version: Snapdragon 670 Mobile Platform Version: Snapdragon 675 Mobile Platform Version: Snapdragon 678 Mobile Platform (SM6150-AC) Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 710 Mobile Platform Version: Snapdragon 720G Mobile Platform Version: Snapdragon 730 Mobile Platform (SM7150-AA) Version: Snapdragon 730G Mobile Platform (SM7150-AB) Version: Snapdragon 732G Mobile Platform (SM7150-AC) Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 820 Automotive Platform Version: Snapdragon 855 Mobile Platform Version: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X24 LTE Modem Version: Snapdragon X5 LTE Modem Version: Snapdragon X50 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X62 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon Auto 4G Modem Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR2130 Version: SXR2230P Version: SXR2250P Version: Vision Intelligence 100 Platform (APQ8053-AA) Version: Vision Intelligence 200 Platform (APQ8053-AC) Version: WCD9326 Version: WCD9330 Version: WCD9335 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3610 Version: WCN3615 Version: WCN3620 Version: WCN3660B Version: WCN3680B Version: WCN3910 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21429", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-08T03:56:05.795Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon CCW", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Voice \u0026 Music", "Snapdragon WBC", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "9206 LTE Modem" }, { "status": "affected", "version": "APQ8017" }, { "status": "affected", "version": "APQ8064AU" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "C-V2X 9150" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "MDM9250" }, { "status": "affected", "version": "MDM9628" }, { "status": "affected", "version": "MDM9640" }, { "status": "affected", "version": "MDM9650" }, { "status": "affected", "version": "MSM8996AU" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6175A" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6777AQ" }, { "status": "affected", "version": "QCA6787AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9367" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCC2073" }, { "status": "affected", "version": "QCC2076" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM5430" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS5430" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "SA2150P" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8530P" }, { "status": "affected", "version": "SA8540P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SD626" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD670" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX61" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM6370" }, { "status": "affected", "version": "Smart Audio 200 Platform" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)" }, { "status": "affected", "version": "Snapdragon 1200 Wearable Platform" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 625 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 626 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 670 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 710 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 720G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)" }, { "status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)" }, { "status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X24 LTE Modem" }, { "status": "affected", "version": "Snapdragon X5 LTE Modem" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X62 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "SXR2250P" }, { "status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)" }, { "status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9330" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3615" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:56.542Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Buffer Over-read in WLAN Host" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2025-21429", "datePublished": "2025-04-07T10:15:56.542Z", "dateReserved": "2024-12-18T09:50:08.919Z", "dateUpdated": "2025-04-08T03:56:05.795Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-43703 (GCVE-0-2024-43703)
Vulnerability from cvelistv5
Published
2024-11-30 02:39
Modified
2024-12-01 23:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - CWE - Use After Free (4.16)
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 1.13 RTM < |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:imaginationtech:ddk:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ddk", "vendor": "imaginationtech", "versions": [ { "lessThanOrEqual": "24.2_rtm2", "status": "affected", "version": "1.13_rtm", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-43703", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-01T23:02:56.824318Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-01T23:03:00.888Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM2", "status": "affected", "version": "1.13 RTM", "versionType": "custom" }, { "status": "unaffected", "version": "24.3 RTM" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSoftware installed and run as a non-privileged user may conduct improper GPU system calls to achieve u\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003enauthorised reads and writes of physical memory from the GPU HW.\u003c/span\u003e" } ], "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW." } ], "impacts": [ { "capecId": "CAPEC-124", "descriptions": [ { "lang": "en", "value": "CAPEC - CAPEC-124: Shared Resource Manipulation (Version 3.9)" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE - CWE-416: Use After Free (4.16)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-30T02:39:25.336Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - Duplicate calls to RGXCreateFreeList on the same reservation leads to GPU UAF", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-43703", "datePublished": "2024-11-30T02:39:25.336Z", "dateReserved": "2024-08-15T08:21:31.533Z", "dateUpdated": "2024-12-01T23:03:00.888Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-53150 (GCVE-0-2024-53150)
Vulnerability from cvelistv5
Published
2024-12-24 11:28
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix out of bounds reads when finding clock sources
The current USB-audio driver code doesn't check bLength of each
descriptor at traversing for clock descriptors. That is, when a
device provides a bogus descriptor with a shorter bLength, the driver
might hit out-of-bounds reads.
For addressing it, this patch adds sanity checks to the validator
functions for the clock descriptor traversal. When the descriptor
length is shorter than expected, it's skipped in the loop.
For the clock source and clock multiplier descriptors, we can just
check bLength against the sizeof() of each descriptor type.
OTOH, the clock selector descriptor of UAC2 and UAC3 has an array
of bNrInPins elements and two more fields at its tail, hence those
have to be checked in addition to the sizeof() check.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
► | Linux | Linux |
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
|
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-53150", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-09T18:17:06.181809Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2025-04-09", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53150" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:36:23.596Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2025-04-09T00:00:00+00:00", "value": "CVE-2024-53150 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/usb/clock.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a632bdcb359fd8145e86486ff8612da98e239acd", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "45a92cbc88e4013bfed7fd2ccab3ade45f8e896b", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "ab011f7439d9bbfd34fd3b9cef4b2d6d952c9bb9", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "da13ade87a12dd58829278bc816a61bea06a56a9", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "74cb86e1006c5437b1d90084d22018da30fddc77", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "ea0fa76f61cf8e932d1d26e6193513230816e11d", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "096bb5b43edf755bc4477e64004fa3a20539ec2f", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "a3dd4d63eeb452cfb064a13862fb376ab108f6a6", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/usb/clock.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.287", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.231", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.174", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.120", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.64", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.11", "versionType": "semver" }, { "lessThanOrEqual": "6.12.*", "status": "unaffected", "version": "6.12.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.13", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.4.287", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.231", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.174", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.120", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.64", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.11.11", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.13", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix out of bounds reads when finding clock sources\n\nThe current USB-audio driver code doesn\u0027t check bLength of each\ndescriptor at traversing for clock descriptors. That is, when a\ndevice provides a bogus descriptor with a shorter bLength, the driver\nmight hit out-of-bounds reads.\n\nFor addressing it, this patch adds sanity checks to the validator\nfunctions for the clock descriptor traversal. When the descriptor\nlength is shorter than expected, it\u0027s skipped in the loop.\n\nFor the clock source and clock multiplier descriptors, we can just\ncheck bLength against the sizeof() of each descriptor type.\nOTOH, the clock selector descriptor of UAC2 and UAC3 has an array\nof bNrInPins elements and two more fields at its tail, hence those\nhave to be checked in addition to the sizeof() check." } ], "providerMetadata": { "dateUpdated": "2025-05-04T09:54:19.075Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a632bdcb359fd8145e86486ff8612da98e239acd" }, { "url": "https://git.kernel.org/stable/c/45a92cbc88e4013bfed7fd2ccab3ade45f8e896b" }, { "url": "https://git.kernel.org/stable/c/ab011f7439d9bbfd34fd3b9cef4b2d6d952c9bb9" }, { "url": "https://git.kernel.org/stable/c/da13ade87a12dd58829278bc816a61bea06a56a9" }, { "url": "https://git.kernel.org/stable/c/74cb86e1006c5437b1d90084d22018da30fddc77" }, { "url": "https://git.kernel.org/stable/c/ea0fa76f61cf8e932d1d26e6193513230816e11d" }, { "url": "https://git.kernel.org/stable/c/096bb5b43edf755bc4477e64004fa3a20539ec2f" }, { "url": "https://git.kernel.org/stable/c/a3dd4d63eeb452cfb064a13862fb376ab108f6a6" } ], "title": "ALSA: usb-audio: Fix out of bounds reads when finding clock sources", "x_generator": { "engine": "bippy-1.2.0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53150", "datePublished": "2024-12-24T11:28:50.175Z", "dateReserved": "2024-11-19T17:17:24.999Z", "dateUpdated": "2025-07-30T01:36:23.596Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-45552 (GCVE-0-2024-45552)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-07 15:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-126 - Buffer Over-read
Summary
Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: APQ8064AU Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: MSM8108 Version: MSM8209 Version: MSM8608 Version: MSM8909W Version: MSM8996AU Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6310 Version: QCA6320 Version: QCA6335 Version: QCA6391 Version: QCA6426 Version: QCA6436 Version: QCA6564 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCM6125 Version: QCM6490 Version: QCS410 Version: QCS610 Version: QCS6125 Version: QCS6490 Version: Qualcomm 205 Mobile Platform Version: Qualcomm 215 Mobile Platform Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC3 Platform Version: Robotics RB3 Platform Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SD626 Version: SD660 Version: SD835 Version: SD865 5G Version: SDM429W Version: SG4150P Version: SM4125 Version: SM6370 Version: SM8550P Version: Smart Audio 200 Platform Version: Smart Display 200 Platform (APQ5053-AA) Version: Snapdragon 208 Processor Version: Snapdragon 210 Processor Version: Snapdragon 212 Mobile Platform Version: Snapdragon 4 Gen 1 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 480 5G Mobile Platform Version: Snapdragon 480+ 5G Mobile Platform (SM4350-AC) Version: Snapdragon 625 Mobile Platform Version: Snapdragon 626 Mobile Platform Version: Snapdragon 660 Mobile Platform Version: Snapdragon 662 Mobile Platform Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 695 5G Mobile Platform Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon 820 Automotive Platform Version: Snapdragon 835 Mobile PC Platform Version: Snapdragon 845 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon Wear 2100 Platform Version: Snapdragon Wear 2500 Platform Version: Snapdragon Wear 3100 Platform Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: SRV1H Version: SRV1L Version: SRV1M Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR2130 Version: Vision Intelligence 100 Platform (APQ8053-AA) Version: Vision Intelligence 200 Platform (APQ8053-AC) Version: Vision Intelligence 400 Platform Version: WCD9326 Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9370 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3610 Version: WCN3615 Version: WCN3620 Version: WCN3660B Version: WCN3680B Version: WCN3910 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-45552", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T15:52:41.054271Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T15:53:03.856Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "APQ8064AU" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "MSM8108" }, { "status": "affected", "version": "MSM8209" }, { "status": "affected", "version": "MSM8608" }, { "status": "affected", "version": "MSM8909W" }, { "status": "affected", "version": "MSM8996AU" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6320" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm 215 Mobile Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "Robotics RB3 Platform" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SD626" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD835" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM6370" }, { "status": "affected", "version": "SM8550P" }, { "status": "affected", "version": "Smart Audio 200 Platform" }, { "status": "affected", "version": "Smart Display 200 Platform (APQ5053-AA)" }, { "status": "affected", "version": "Snapdragon 208 Processor" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 4 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)" }, { "status": "affected", "version": "Snapdragon 625 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 626 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 695 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon 835 Mobile PC Platform" }, { "status": "affected", "version": "Snapdragon 845 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon Wear 2100 Platform" }, { "status": "affected", "version": "Snapdragon Wear 2500 Platform" }, { "status": "affected", "version": "Snapdragon Wear 3100 Platform" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "Vision Intelligence 100 Platform (APQ8053-AA)" }, { "status": "affected", "version": "Vision Intelligence 200 Platform (APQ8053-AC)" }, { "status": "affected", "version": "Vision Intelligence 400 Platform" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3615" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:46.280Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Buffer Over-read in Data Network Stack \u0026 Connectivity" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-45552", "datePublished": "2025-04-07T10:15:46.280Z", "dateReserved": "2024-09-02T10:26:15.222Z", "dateUpdated": "2025-04-07T15:53:03.856Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-52937 (GCVE-0-2024-52937)
Vulnerability from cvelistv5
Published
2025-01-13 10:37
Modified
2025-01-13 15:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-823 - CWE - Use of Out-of-range Pointer Offset (4.16)
Summary
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 23.2 RTM2 < Patch: 24.3 RTM |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-52937", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T15:55:00.289313Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T15:56:26.099Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM2", "status": "affected", "version": "23.2 RTM2", "versionType": "custom" }, { "status": "unaffected", "version": "24.3 RTM", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eKernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest\u0027s virtualised GPU memory.\u003c/span\u003e\n\n\u003c/span\u003e" } ], "value": "Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest\u0027s virtualised GPU memory." } ], "impacts": [ { "capecId": "CAPEC-480", "descriptions": [ { "lang": "en", "value": "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-13T10:37:03.187Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-52937", "datePublished": "2025-01-13T10:37:03.187Z", "dateReserved": "2024-11-18T04:55:52.554Z", "dateUpdated": "2025-01-13T15:56:26.099Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-47897 (GCVE-0-2024-47897)
Vulnerability from cvelistv5
Published
2025-01-13 10:28
Modified
2025-01-13 17:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Heap-based Buffer Overflow
Summary
Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 23.2 RTM2 < Patch: 24.3 RTM |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-47897", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T17:32:49.132519Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T17:34:03.429Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM2", "status": "affected", "version": "23.2 RTM2", "versionType": "custom" }, { "status": "unaffected", "version": "24.3 RTM", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSoftware installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots.\u003c/span\u003e" } ], "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots." } ], "impacts": [ { "capecId": "CAPEC-113", "descriptions": [ { "lang": "en", "value": "CAPEC-113: Interface Manipulation" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787: Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-13T10:28:03.266Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-47897", "datePublished": "2025-01-13T10:28:03.266Z", "dateReserved": "2024-10-04T16:08:49.937Z", "dateUpdated": "2025-01-13T17:34:03.429Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-56556 (GCVE-0-2024-56556)
Vulnerability from cvelistv5
Published
2024-12-27 14:23
Modified
2025-05-04 09:58
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
binder: fix node UAF in binder_add_freeze_work()
In binder_add_freeze_work() we iterate over the proc->nodes with the
proc->inner_lock held. However, this lock is temporarily dropped in
order to acquire the node->lock first (lock nesting order). This can
race with binder_node_release() and trigger a use-after-free:
==================================================================
BUG: KASAN: slab-use-after-free in _raw_spin_lock+0xe4/0x19c
Write of size 4 at addr ffff53c04c29dd04 by task freeze/640
CPU: 5 UID: 0 PID: 640 Comm: freeze Not tainted 6.11.0-07343-ga727812a8d45 #17
Hardware name: linux,dummy-virt (DT)
Call trace:
_raw_spin_lock+0xe4/0x19c
binder_add_freeze_work+0x148/0x478
binder_ioctl+0x1e70/0x25ac
__arm64_sys_ioctl+0x124/0x190
Allocated by task 637:
__kmalloc_cache_noprof+0x12c/0x27c
binder_new_node+0x50/0x700
binder_transaction+0x35ac/0x6f74
binder_thread_write+0xfb8/0x42a0
binder_ioctl+0x18f0/0x25ac
__arm64_sys_ioctl+0x124/0x190
Freed by task 637:
kfree+0xf0/0x330
binder_thread_read+0x1e88/0x3a68
binder_ioctl+0x16d8/0x25ac
__arm64_sys_ioctl+0x124/0x190
==================================================================
Fix the race by taking a temporary reference on the node before
releasing the proc->inner lock. This ensures the node remains alive
while in use.
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-56556", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-10T17:12:44.371493Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-10T17:21:08.457Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/android/binder.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "38fbefeb2c140b581ed7de8117a5c90d6dd89c22", "status": "affected", "version": "d579b04a52a183db47dfcb7a44304d7747d551e1", "versionType": "git" }, { "lessThan": "dc8aea47b928cc153b591b3558829ce42f685074", "status": "affected", "version": "d579b04a52a183db47dfcb7a44304d7747d551e1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/android/binder.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.12" }, { "lessThan": "6.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.12.*", "status": "unaffected", "version": "6.12.4", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.13", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.4", "versionStartIncluding": "6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.13", "versionStartIncluding": "6.12", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix node UAF in binder_add_freeze_work()\n\nIn binder_add_freeze_work() we iterate over the proc-\u003enodes with the\nproc-\u003einner_lock held. However, this lock is temporarily dropped in\norder to acquire the node-\u003elock first (lock nesting order). This can\nrace with binder_node_release() and trigger a use-after-free:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in _raw_spin_lock+0xe4/0x19c\n Write of size 4 at addr ffff53c04c29dd04 by task freeze/640\n\n CPU: 5 UID: 0 PID: 640 Comm: freeze Not tainted 6.11.0-07343-ga727812a8d45 #17\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n _raw_spin_lock+0xe4/0x19c\n binder_add_freeze_work+0x148/0x478\n binder_ioctl+0x1e70/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n\n Allocated by task 637:\n __kmalloc_cache_noprof+0x12c/0x27c\n binder_new_node+0x50/0x700\n binder_transaction+0x35ac/0x6f74\n binder_thread_write+0xfb8/0x42a0\n binder_ioctl+0x18f0/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n\n Freed by task 637:\n kfree+0xf0/0x330\n binder_thread_read+0x1e88/0x3a68\n binder_ioctl+0x16d8/0x25ac\n __arm64_sys_ioctl+0x124/0x190\n ==================================================================\n\nFix the race by taking a temporary reference on the node before\nreleasing the proc-\u003einner lock. This ensures the node remains alive\nwhile in use." } ], "providerMetadata": { "dateUpdated": "2025-05-04T09:58:15.801Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/38fbefeb2c140b581ed7de8117a5c90d6dd89c22" }, { "url": "https://git.kernel.org/stable/c/dc8aea47b928cc153b591b3558829ce42f685074" } ], "title": "binder: fix node UAF in binder_add_freeze_work()", "x_generator": { "engine": "bippy-1.2.0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-56556", "datePublished": "2024-12-27T14:23:02.556Z", "dateReserved": "2024-12-27T14:03:05.991Z", "dateUpdated": "2025-05-04T09:58:15.801Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-47894 (GCVE-0-2024-47894)
Vulnerability from cvelistv5
Published
2025-01-13 10:30
Modified
2025-01-13 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-823 - CWE - Use of Out-of-range Pointer Offset (4.16)
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-47894", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T17:29:53.009763Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T17:30:36.395Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM2", "status": "affected", "version": "1.15 RTM", "versionType": "custom" }, { "status": "unaffected", "version": "24.3 RTM", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest\u0027s virtualised GPU memory." } ], "value": "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest\u0027s virtualised GPU memory." } ], "impacts": [ { "capecId": "CAPEC-480", "descriptions": [ { "lang": "en", "value": "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-13T10:30:11.770Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - Out of bounds read into fwlog due to unchecked loop bounds", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-47894", "datePublished": "2025-01-13T10:30:11.770Z", "dateReserved": "2024-10-04T16:08:49.937Z", "dateUpdated": "2025-01-13T17:30:36.395Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-50264 (GCVE-0-2024-50264)
Vulnerability from cvelistv5
Published
2024-11-19 01:29
Modified
2025-05-04 09:50
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
During loopback communication, a dangling pointer can be created in
vsk->trans, potentially leading to a Use-After-Free condition. This
issue is resolved by initializing vsk->trans to NULL.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
► | Linux | Linux |
Version: 06a8fc78367d070720af960dcecec917d3ae5f3b Version: 06a8fc78367d070720af960dcecec917d3ae5f3b Version: 06a8fc78367d070720af960dcecec917d3ae5f3b Version: 06a8fc78367d070720af960dcecec917d3ae5f3b Version: 06a8fc78367d070720af960dcecec917d3ae5f3b Version: 06a8fc78367d070720af960dcecec917d3ae5f3b Version: 06a8fc78367d070720af960dcecec917d3ae5f3b Version: 06a8fc78367d070720af960dcecec917d3ae5f3b |
|
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-50264", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-11T14:48:50.387406Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-11T14:58:32.111Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5f092a4271f6dccf88fe0d132475a17b69ef71df", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" }, { "lessThan": "fd8ae346692a56b4437d626c5460c7104980f389", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" }, { "lessThan": "eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" }, { "lessThan": "2a6a4e69f255b7aed17f93995691ab4f0d3c2203", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" }, { "lessThan": "44d29897eafd0e1196453d3003a4d5e0b968eeab", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" }, { "lessThan": "b110196fec44fe966952004bd426967c2a8fd358", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" }, { "lessThan": "5f970935d09934222fdef3d0e20c648ea7a963c1", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" }, { "lessThan": "6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f", "status": "affected", "version": "06a8fc78367d070720af960dcecec917d3ae5f3b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/vmw_vsock/virtio_transport_common.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.8" }, { "lessThan": "4.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.324", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.286", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.230", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.172", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.117", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.61", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.19.324", "versionStartIncluding": "4.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.4.286", "versionStartIncluding": "4.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.230", "versionStartIncluding": "4.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.172", "versionStartIncluding": "4.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.117", "versionStartIncluding": "4.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.61", "versionStartIncluding": "4.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.11.8", "versionStartIncluding": "4.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12", "versionStartIncluding": "4.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL." } ], "providerMetadata": { "dateUpdated": "2025-05-04T09:50:15.384Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df" }, { "url": "https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389" }, { "url": "https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1" }, { "url": "https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203" }, { "url": "https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab" }, { "url": "https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358" }, { "url": "https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1" }, { "url": "https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f" } ], "title": "vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans", "x_generator": { "engine": "bippy-1.2.0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-50264", "datePublished": "2024-11-19T01:29:59.511Z", "dateReserved": "2024-10-21T19:36:19.982Z", "dateUpdated": "2025-05-04T09:50:15.384Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-52936 (GCVE-0-2024-52936)
Vulnerability from cvelistv5
Published
2025-01-13 10:35
Modified
2025-01-31 16:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-823 - CWE - Use of Out-of-range Pointer Offset (4.16)
Summary
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Imagination Technologies | Graphics DDK |
Version: 1.15 RTM < Patch: 24.3 RTM |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-52936", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-31T16:15:06.601654Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-31T16:16:26.762Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux", "Android" ], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [ { "lessThanOrEqual": "24.2 RTM2", "status": "affected", "version": "1.15 RTM", "versionType": "custom" }, { "status": "unaffected", "version": "24.3 RTM", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eKernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest\u0027s virtualised GPU memory.\u003c/span\u003e\n\n\u003c/span\u003e" } ], "value": "Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest\u0027s virtualised GPU memory." } ], "impacts": [ { "capecId": "CAPEC-480", "descriptions": [ { "lang": "en", "value": "CAPEC - CAPEC-480: Escaping Virtualization (Version 3.9)" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE - CWE-823: Use of Out-of-range Pointer Offset (4.16)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-13T10:35:41.734Z", "orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech" }, "references": [ { "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/" } ], "source": { "discovery": "UNKNOWN" }, "title": "GPU DDK - rgxfw_hwperf_config OOB read \u0026 write", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "assignerShortName": "imaginationtech", "cveId": "CVE-2024-52936", "datePublished": "2025-01-13T10:35:41.734Z", "dateReserved": "2024-11-18T04:55:52.554Z", "dateUpdated": "2025-01-31T16:16:26.762Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-21430 (GCVE-0-2025-21430)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-07 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-126 - Buffer Over-read
Summary
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: 315 5G IoT Modem Version: APQ8017 Version: APQ8064AU Version: AQT1000 Version: AR8031 Version: AR8035 Version: CSRA6620 Version: CSRA6640 Version: CSRB31024 Version: FastConnect 6200 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: Flight RB5 5G Platform Version: MDM9628 Version: MDM9640 Version: MSM8996AU Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6174A Version: QCA6175A Version: QCA6310 Version: QCA6320 Version: QCA6335 Version: QCA6391 Version: QCA6420 Version: QCA6426 Version: QCA6430 Version: QCA6436 Version: QCA6554A Version: QCA6564 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6777AQ Version: QCA6787AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCA9367 Version: QCA9377 Version: QCC2073 Version: QCC2076 Version: QCC710 Version: QCM2290 Version: QCM4290 Version: QCM5430 Version: QCM6125 Version: QCM6490 Version: QCM8550 Version: QCN6024 Version: QCN6224 Version: QCN6274 Version: QCN9011 Version: QCN9012 Version: QCN9024 Version: QCN9074 Version: QCN9274 Version: QCS2290 Version: QCS410 Version: QCS4290 Version: QCS5430 Version: QCS610 Version: QCS6125 Version: QCS615 Version: QCS6490 Version: QCS7230 Version: QCS8250 Version: QCS8300 Version: QCS8550 Version: QCS9100 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: QRB5165M Version: QRB5165N Version: Qualcomm 205 Mobile Platform Version: Qualcomm Video Collaboration VC1 Platform Version: Qualcomm Video Collaboration VC3 Platform Version: Qualcomm Video Collaboration VC5 Platform Version: Robotics RB3 Platform Version: Robotics RB5 Platform Version: SA2150P Version: SA4150P Version: SA4155P Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA7255P Version: SA7775P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SA8255P Version: SA8295P Version: SA8530P Version: SA8540P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SD 8 Gen1 5G Version: SD660 Version: SD730 Version: SD835 Version: SD855 Version: SD865 5G Version: SDM429W Version: SDX55 Version: SDX61 Version: SG4150P Version: SG8275P Version: SM4125 Version: SM4635 Version: SM6250 Version: SM7250P Version: SM8550P Version: Smart Audio 400 Platform Version: Snapdragon 210 Processor Version: Snapdragon 212 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 460 Mobile Platform Version: Snapdragon 660 Mobile Platform Version: Snapdragon 662 Mobile Platform Version: Snapdragon 675 Mobile Platform Version: Snapdragon 678 Mobile Platform (SM6150-AC) Version: Snapdragon 680 4G Mobile Platform Version: Snapdragon 685 4G Mobile Platform (SM6225-AD) Version: Snapdragon 690 5G Mobile Platform Version: Snapdragon 720G Mobile Platform Version: Snapdragon 730 Mobile Platform (SM7150-AA) Version: Snapdragon 730G Mobile Platform (SM7150-AB) Version: Snapdragon 732G Mobile Platform (SM7150-AC) Version: Snapdragon 750G 5G Mobile Platform Version: Snapdragon 765 5G Mobile Platform (SM7250-AA) Version: Snapdragon 765G 5G Mobile Platform (SM7250-AB) Version: Snapdragon 768G 5G Mobile Platform (SM7250-AC) Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon 820 Automotive Platform Version: Snapdragon 835 Mobile PC Platform Version: Snapdragon 845 Mobile Platform Version: Snapdragon 855 Mobile Platform Version: Snapdragon 855+/860 Mobile Platform (SM8150-AC) Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon W5+ Gen 1 Wearable Platform Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X5 LTE Modem Version: Snapdragon X50 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X62 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: Snapdragon XR1 Platform Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: Snapdragon Auto 4G Modem Version: SRV1H Version: SRV1L Version: SRV1M Version: SW5100 Version: SW5100P Version: SXR1120 Version: SXR2130 Version: SXR2230P Version: SXR2250P Version: WCD9326 Version: WCD9335 Version: WCD9340 Version: WCD9341 Version: WCD9360 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3610 Version: WCN3620 Version: WCN3660B Version: WCN3680B Version: WCN3910 Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN3990 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-21430", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T15:09:52.967401Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T15:20:35.291Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Compute", "Snapdragon Consumer Electronics Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon Mobile", "Snapdragon Voice \u0026 Music", "Snapdragon WBC", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "315 5G IoT Modem" }, { "status": "affected", "version": "APQ8017" }, { "status": "affected", "version": "APQ8064AU" }, { "status": "affected", "version": "AQT1000" }, { "status": "affected", "version": "AR8031" }, { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "CSRA6620" }, { "status": "affected", "version": "CSRA6640" }, { "status": "affected", "version": "CSRB31024" }, { "status": "affected", "version": "FastConnect 6200" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "Flight RB5 5G Platform" }, { "status": "affected", "version": "MDM9628" }, { "status": "affected", "version": "MDM9640" }, { "status": "affected", "version": "MSM8996AU" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6175A" }, { "status": "affected", "version": "QCA6310" }, { "status": "affected", "version": "QCA6320" }, { "status": "affected", "version": "QCA6335" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6420" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6430" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6554A" }, { "status": "affected", "version": "QCA6564" }, { "status": "affected", "version": "QCA6564A" }, { "status": "affected", "version": "QCA6564AU" }, { "status": "affected", "version": "QCA6574" }, { "status": "affected", "version": "QCA6574A" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6777AQ" }, { "status": "affected", "version": "QCA6787AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCA9367" }, { "status": "affected", "version": "QCA9377" }, { "status": "affected", "version": "QCC2073" }, { "status": "affected", "version": "QCC2076" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM2290" }, { "status": "affected", "version": "QCM4290" }, { "status": "affected", "version": "QCM5430" }, { "status": "affected", "version": "QCM6125" }, { "status": "affected", "version": "QCM6490" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9074" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS2290" }, { "status": "affected", "version": "QCS410" }, { "status": "affected", "version": "QCS4290" }, { "status": "affected", "version": "QCS5430" }, { "status": "affected", "version": "QCS610" }, { "status": "affected", "version": "QCS6125" }, { "status": "affected", "version": "QCS615" }, { "status": "affected", "version": "QCS6490" }, { "status": "affected", "version": "QCS7230" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8300" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QCS9100" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QRB5165M" }, { "status": "affected", "version": "QRB5165N" }, { "status": "affected", "version": "Qualcomm 205 Mobile Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC1 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC5 Platform" }, { "status": "affected", "version": "Robotics RB3 Platform" }, { "status": "affected", "version": "Robotics RB5 Platform" }, { "status": "affected", "version": "SA2150P" }, { "status": "affected", "version": "SA4150P" }, { "status": "affected", "version": "SA4155P" }, { "status": "affected", "version": "SA6145P" }, { "status": "affected", "version": "SA6150P" }, { "status": "affected", "version": "SA6155" }, { "status": "affected", "version": "SA6155P" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8145P" }, { "status": "affected", "version": "SA8150P" }, { "status": "affected", "version": "SA8155" }, { "status": "affected", "version": "SA8155P" }, { "status": "affected", "version": "SA8195P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8530P" }, { "status": "affected", "version": "SA8540P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD660" }, { "status": "affected", "version": "SD730" }, { "status": "affected", "version": "SD835" }, { "status": "affected", "version": "SD855" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX61" }, { "status": "affected", "version": "SG4150P" }, { "status": "affected", "version": "SG8275P" }, { "status": "affected", "version": "SM4125" }, { "status": "affected", "version": "SM4635" }, { "status": "affected", "version": "SM6250" }, { "status": "affected", "version": "SM7250P" }, { "status": "affected", "version": "SM8550P" }, { "status": "affected", "version": "Smart Audio 400 Platform" }, { "status": "affected", "version": "Snapdragon 210 Processor" }, { "status": "affected", "version": "Snapdragon 212 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 460 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 660 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 662 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 675 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 678 Mobile Platform (SM6150-AC)" }, { "status": "affected", "version": "Snapdragon 680 4G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)" }, { "status": "affected", "version": "Snapdragon 690 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 720G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 730 Mobile Platform (SM7150-AA)" }, { "status": "affected", "version": "Snapdragon 730G Mobile Platform (SM7150-AB)" }, { "status": "affected", "version": "Snapdragon 732G Mobile Platform (SM7150-AC)" }, { "status": "affected", "version": "Snapdragon 750G 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 765 5G Mobile Platform (SM7250-AA)" }, { "status": "affected", "version": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)" }, { "status": "affected", "version": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 820 Automotive Platform" }, { "status": "affected", "version": "Snapdragon 835 Mobile PC Platform" }, { "status": "affected", "version": "Snapdragon 845 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon W5+ Gen 1 Wearable Platform" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X5 LTE Modem" }, { "status": "affected", "version": "Snapdragon X50 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X62 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR1 Platform" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 4G Modem" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SW5100" }, { "status": "affected", "version": "SW5100P" }, { "status": "affected", "version": "SXR1120" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "SXR2250P" }, { "status": "affected", "version": "WCD9326" }, { "status": "affected", "version": "WCD9335" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9341" }, { "status": "affected", "version": "WCD9360" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3610" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3910" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN3990" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:58.168Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Buffer Over-read in WLAN Host" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2025-21430", "datePublished": "2025-04-07T10:15:58.168Z", "dateReserved": "2024-12-18T09:50:08.920Z", "dateUpdated": "2025-04-07T15:20:35.291Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-45549 (GCVE-0-2024-45549)
Vulnerability from cvelistv5
Published
2025-04-07 10:15
Modified
2025-04-07 16:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Summary
Information disclosure while creating MQ channels.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: FastConnect 6700 Version: FastConnect 6800 Version: FastConnect 6900 Version: FastConnect 7800 Version: QAM8255P Version: QAM8295P Version: QAM8620P Version: QAM8650P Version: QAM8775P Version: QAMSRV1H Version: QAMSRV1M Version: QCA6174A Version: QCA6391 Version: QCA6421 Version: QCA6426 Version: QCA6431 Version: QCA6436 Version: QCA6574AU Version: QCA6584AU Version: QCA6595 Version: QCA6595AU Version: QCA6678AQ Version: QCA6688AQ Version: QCA6696 Version: QCA6698AQ Version: QCA6797AQ Version: QCA8081 Version: QCA8337 Version: QCC710 Version: QCM4490 Version: QCM8550 Version: QCN6024 Version: QCN6224 Version: QCN6274 Version: QCN9011 Version: QCN9012 Version: QCN9024 Version: QCN9274 Version: QCS4490 Version: QCS7230 Version: QCS8250 Version: QCS8300 Version: QCS8550 Version: QCS9100 Version: QDU1000 Version: QDU1010 Version: QDU1110 Version: QDU1210 Version: QDX1010 Version: QDX1011 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: QMP1000 Version: QRU1032 Version: QRU1052 Version: QRU1062 Version: QSM8250 Version: Qualcomm Video Collaboration VC5 Platform Version: SA7255P Version: SA7775P Version: SA8255P Version: SA8295P Version: SA8530P Version: SA8540P Version: SA8620P Version: SA8650P Version: SA8770P Version: SA8775P Version: SA9000P Version: SC8380XP Version: SD 8 Gen1 5G Version: SD865 5G Version: SDM429W Version: SDX55 Version: SDX61 Version: SDX71M Version: SDX80M Version: SG8275P Version: SM4635 Version: SM6650 Version: SM7635 Version: SM7675 Version: SM7675P Version: SM8550P Version: SM8635 Version: SM8635P Version: SM8650Q Version: SM8735 Version: SM8750 Version: SM8750P Version: Snapdragon 4 Gen 2 Mobile Platform Version: Snapdragon 429 Mobile Platform Version: Snapdragon 8 Gen 1 Mobile Platform Version: Snapdragon 8 Gen 2 Mobile Platform Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon 8+ Gen 1 Mobile Platform Version: Snapdragon 8+ Gen 2 Mobile Platform Version: Snapdragon 865 5G Mobile Platform Version: Snapdragon 865+ 5G Mobile Platform (SM8250-AB) Version: Snapdragon 870 5G Mobile Platform (SM8250-AC) Version: Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) Version: Snapdragon AR1 Gen 1 Platform Version: Snapdragon AR1 Gen 1 Platform "Luna1" Version: Snapdragon AR2 Gen 1 Platform Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon Wear 4100+ Platform Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X55 5G Modem-RF System Version: Snapdragon X62 5G Modem-RF System Version: Snapdragon X65 5G Modem-RF System Version: Snapdragon X70 Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: Snapdragon XR2 5G Platform Version: Snapdragon XR2+ Gen 1 Platform Version: SRV1H Version: SRV1L Version: SRV1M Version: SSG2115P Version: SSG2125P Version: SXR1230P Version: SXR2130 Version: SXR2230P Version: SXR2250P Version: SXR2330P Version: TalynPlus Version: WCD9340 Version: WCD9370 Version: WCD9375 Version: WCD9378 Version: WCD9380 Version: WCD9385 Version: WCD9390 Version: WCD9395 Version: WCN3620 Version: WCN3660B Version: WCN3680B Version: WCN3950 Version: WCN3980 Version: WCN3988 Version: WCN6450 Version: WCN6650 Version: WCN6740 Version: WCN6755 Version: WCN7750 Version: WCN7860 Version: WCN7861 Version: WCN7880 Version: WCN7881 Version: WSA8810 Version: WSA8815 Version: WSA8830 Version: WSA8832 Version: WSA8835 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-45549", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T16:51:26.226415Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T16:54:13.006Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon CCW", "Snapdragon Compute", "Snapdragon Connectivity", "Snapdragon Consumer IOT", "Snapdragon Industrial IOT", "Snapdragon MC", "Snapdragon MDM", "Snapdragon Mobile", "Snapdragon Technology", "Snapdragon WBC", "Snapdragon Wearables" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6700" }, { "status": "affected", "version": "FastConnect 6800" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QAM8255P" }, { "status": "affected", "version": "QAM8295P" }, { "status": "affected", "version": "QAM8620P" }, { "status": "affected", "version": "QAM8650P" }, { "status": "affected", "version": "QAM8775P" }, { "status": "affected", "version": "QAMSRV1H" }, { "status": "affected", "version": "QAMSRV1M" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6391" }, { "status": "affected", "version": "QCA6421" }, { "status": "affected", "version": "QCA6426" }, { "status": "affected", "version": "QCA6431" }, { "status": "affected", "version": "QCA6436" }, { "status": "affected", "version": "QCA6574AU" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6595" }, { "status": "affected", "version": "QCA6595AU" }, { "status": "affected", "version": "QCA6678AQ" }, { "status": "affected", "version": "QCA6688AQ" }, { "status": "affected", "version": "QCA6696" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA6797AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCM4490" }, { "status": "affected", "version": "QCM8550" }, { "status": "affected", "version": "QCN6024" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QCN9011" }, { "status": "affected", "version": "QCN9012" }, { "status": "affected", "version": "QCN9024" }, { "status": "affected", "version": "QCN9274" }, { "status": "affected", "version": "QCS4490" }, { "status": "affected", "version": "QCS7230" }, { "status": "affected", "version": "QCS8250" }, { "status": "affected", "version": "QCS8300" }, { "status": "affected", "version": "QCS8550" }, { "status": "affected", "version": "QCS9100" }, { "status": "affected", "version": "QDU1000" }, { "status": "affected", "version": "QDU1010" }, { "status": "affected", "version": "QDU1110" }, { "status": "affected", "version": "QDU1210" }, { "status": "affected", "version": "QDX1010" }, { "status": "affected", "version": "QDX1011" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "QMP1000" }, { "status": "affected", "version": "QRU1032" }, { "status": "affected", "version": "QRU1052" }, { "status": "affected", "version": "QRU1062" }, { "status": "affected", "version": "QSM8250" }, { "status": "affected", "version": "Qualcomm Video Collaboration VC5 Platform" }, { "status": "affected", "version": "SA7255P" }, { "status": "affected", "version": "SA7775P" }, { "status": "affected", "version": "SA8255P" }, { "status": "affected", "version": "SA8295P" }, { "status": "affected", "version": "SA8530P" }, { "status": "affected", "version": "SA8540P" }, { "status": "affected", "version": "SA8620P" }, { "status": "affected", "version": "SA8650P" }, { "status": "affected", "version": "SA8770P" }, { "status": "affected", "version": "SA8775P" }, { "status": "affected", "version": "SA9000P" }, { "status": "affected", "version": "SC8380XP" }, { "status": "affected", "version": "SD 8 Gen1 5G" }, { "status": "affected", "version": "SD865 5G" }, { "status": "affected", "version": "SDM429W" }, { "status": "affected", "version": "SDX55" }, { "status": "affected", "version": "SDX61" }, { "status": "affected", "version": "SDX71M" }, { "status": "affected", "version": "SDX80M" }, { "status": "affected", "version": "SG8275P" }, { "status": "affected", "version": "SM4635" }, { "status": "affected", "version": "SM6650" }, { "status": "affected", "version": "SM7635" }, { "status": "affected", "version": "SM7675" }, { "status": "affected", "version": "SM7675P" }, { "status": "affected", "version": "SM8550P" }, { "status": "affected", "version": "SM8635" }, { "status": "affected", "version": "SM8635P" }, { "status": "affected", "version": "SM8650Q" }, { "status": "affected", "version": "SM8735" }, { "status": "affected", "version": "SM8750" }, { "status": "affected", "version": "SM8750P" }, { "status": "affected", "version": "Snapdragon 4 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 429 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 1 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 8+ Gen 2 Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865 5G Mobile Platform" }, { "status": "affected", "version": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)" }, { "status": "affected", "version": "Snapdragon 870 5G Mobile Platform (SM8250-AC)" }, { "status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon AR1 Gen 1 Platform \"Luna1\"" }, { "status": "affected", "version": "Snapdragon AR2 Gen 1 Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon Wear 4100+ Platform" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X55 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X62 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X65 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X70 Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon XR2 5G Platform" }, { "status": "affected", "version": "Snapdragon XR2+ Gen 1 Platform" }, { "status": "affected", "version": "SRV1H" }, { "status": "affected", "version": "SRV1L" }, { "status": "affected", "version": "SRV1M" }, { "status": "affected", "version": "SSG2115P" }, { "status": "affected", "version": "SSG2125P" }, { "status": "affected", "version": "SXR1230P" }, { "status": "affected", "version": "SXR2130" }, { "status": "affected", "version": "SXR2230P" }, { "status": "affected", "version": "SXR2250P" }, { "status": "affected", "version": "SXR2330P" }, { "status": "affected", "version": "TalynPlus" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9370" }, { "status": "affected", "version": "WCD9375" }, { "status": "affected", "version": "WCD9378" }, { "status": "affected", "version": "WCD9380" }, { "status": "affected", "version": "WCD9385" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WCN3620" }, { "status": "affected", "version": "WCN3660B" }, { "status": "affected", "version": "WCN3680B" }, { "status": "affected", "version": "WCN3950" }, { "status": "affected", "version": "WCN3980" }, { "status": "affected", "version": "WCN3988" }, { "status": "affected", "version": "WCN6450" }, { "status": "affected", "version": "WCN6650" }, { "status": "affected", "version": "WCN6740" }, { "status": "affected", "version": "WCN6755" }, { "status": "affected", "version": "WCN7750" }, { "status": "affected", "version": "WCN7860" }, { "status": "affected", "version": "WCN7861" }, { "status": "affected", "version": "WCN7880" }, { "status": "affected", "version": "WCN7881" }, { "status": "affected", "version": "WSA8810" }, { "status": "affected", "version": "WSA8815" }, { "status": "affected", "version": "WSA8830" }, { "status": "affected", "version": "WSA8832" }, { "status": "affected", "version": "WSA8835" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Information disclosure while creating MQ channels." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-497", "description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T10:15:43.251Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html" } ], "title": "Exposure of Sensitive System Information to an Unauthorized Control Sphere in KERNEL" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-45549", "datePublished": "2025-04-07T10:15:43.251Z", "dateReserved": "2024-09-02T10:26:15.222Z", "dateUpdated": "2025-04-07T16:54:13.006Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20656 (GCVE-0-2025-20656)
Vulnerability from cvelistv5
Published
2025-04-07 03:14
Modified
2025-04-07 13:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
MediaTek, Inc. | MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6895, MT6897, MT6983, MT6985, MT6989, MT6990, MT8196, MT8370, MT8390 |
Version: Android 12.0, 13.0, 14.0, 15.0 / openWRT 21.02, 23.05 / Yocto 4.0 / RDK-B 24Q1 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-20656", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T13:57:10.925878Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T13:57:13.648Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6895, MT6897, MT6983, MT6985, MT6989, MT6990, MT8196, MT8370, MT8390", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 12.0, 13.0, 14.0, 15.0 / openWRT 21.02, 23.05 / Yocto 4.0 / RDK-B 24Q1" } ] } ], "descriptions": [ { "lang": "en", "value": "In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T03:14:49.018Z", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/April-2025" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2025-20656", "datePublished": "2025-04-07T03:14:49.018Z", "dateReserved": "2024-11-01T01:21:50.367Z", "dateUpdated": "2025-04-07T13:57:13.648Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20658 (GCVE-0-2025-20658)
Vulnerability from cvelistv5
Published
2025-04-07 03:14
Modified
2025-04-07 18:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
MediaTek, Inc. | MT2718, MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6895, MT6897, MT6983, MT6985, MT6989, MT8196, MT8673, MT8676, MT8678, MT8781 |
Version: Android 12.0, 13.0, 14.0, 15.0 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-20658", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T14:19:21.779349Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-07T18:22:01.666Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "MT2718, MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6895, MT6897, MT6983, MT6985, MT6989, MT8196, MT8673, MT8676, MT8678, MT8781", "vendor": "MediaTek, Inc.", "versions": [ { "status": "affected", "version": "Android 12.0, 13.0, 14.0, 15.0" } ] } ], "descriptions": [ { "lang": "en", "value": "In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-07T03:14:52.452Z", "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek" }, "references": [ { "url": "https://corp.mediatek.com/product-security-bulletin/April-2025" } ] } }, "cveMetadata": { "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "assignerShortName": "MediaTek", "cveId": "CVE-2025-20658", "datePublished": "2025-04-07T03:14:52.452Z", "dateReserved": "2024-11-01T01:21:50.367Z", "dateUpdated": "2025-04-07T18:22:01.666Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-53197 (GCVE-0-2024-53197)
Vulnerability from cvelistv5
Published
2024-12-27 13:49
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
A bogus device can provide a bNumConfigurations value that exceeds the
initial value used in usb_get_configuration for allocating dev->config.
This can lead to out-of-bounds accesses later, e.g. in
usb_destroy_configuration.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
► | Linux | Linux |
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
|
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-53197", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-09T18:17:11.337680Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2025-04-09", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53197" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:36:23.257Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2025-04-09T00:00:00+00:00", "value": "CVE-2024-53197 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/usb/quirks.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "0b4ea4bfe16566b84645ded1403756a2dc4e0f19", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "9b8460a2a7ce478e0b625af7c56d444dc24190f7", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "62dc01c83fa71e10446ee4c31e0e3d5d1291e865", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "9887d859cd60727432a01564e8f91302d361b72b", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "920a369a9f014f10ec282fd298d0666129379f1b", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "b8f8b81dabe52b413fe9e062e8a852c48dd0680d", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "379d3b9799d9da953391e973b934764f01e03960", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "b521b53ac6eb04e41c03f46f7fe452e4d8e9bcca", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" }, { "lessThan": "b909df18ce2a998afef81d58bbd1a05dc0788c40", "status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/usb/quirks.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.12" }, { "lessThan": "2.6.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.325", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.287", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.231", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.174", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.120", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.64", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.11", "versionType": "semver" }, { "lessThanOrEqual": "6.12.*", "status": "unaffected", "version": "6.12.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.13", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.19.325", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.4.287", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.231", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.174", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.120", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.64", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.11.11", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.2", "versionStartIncluding": "2.6.12", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.13", "versionStartIncluding": "2.6.12", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices\n\nA bogus device can provide a bNumConfigurations value that exceeds the\ninitial value used in usb_get_configuration for allocating dev-\u003econfig.\n\nThis can lead to out-of-bounds accesses later, e.g. in\nusb_destroy_configuration." } ], "providerMetadata": { "dateUpdated": "2025-05-04T09:55:32.524Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/0b4ea4bfe16566b84645ded1403756a2dc4e0f19" }, { "url": "https://git.kernel.org/stable/c/9b8460a2a7ce478e0b625af7c56d444dc24190f7" }, { "url": "https://git.kernel.org/stable/c/62dc01c83fa71e10446ee4c31e0e3d5d1291e865" }, { "url": "https://git.kernel.org/stable/c/9887d859cd60727432a01564e8f91302d361b72b" }, { "url": "https://git.kernel.org/stable/c/920a369a9f014f10ec282fd298d0666129379f1b" }, { "url": "https://git.kernel.org/stable/c/b8f8b81dabe52b413fe9e062e8a852c48dd0680d" }, { "url": "https://git.kernel.org/stable/c/379d3b9799d9da953391e973b934764f01e03960" }, { "url": "https://git.kernel.org/stable/c/b521b53ac6eb04e41c03f46f7fe452e4d8e9bcca" }, { "url": "https://git.kernel.org/stable/c/b909df18ce2a998afef81d58bbd1a05dc0788c40" } ], "title": "ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices", "x_generator": { "engine": "bippy-1.2.0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-53197", "datePublished": "2024-12-27T13:49:39.260Z", "dateReserved": "2024-11-19T17:17:25.015Z", "dateUpdated": "2025-07-30T01:36:23.257Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…