CVE-2024-33035

HIGH EPSS 2.8%
Published Sep 2, 20241y ago ยท Modified Jun 17, 20262w ago
8.4 CVSS 3.1
High
Find Similar
Published Sep 2, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.

CVSS Details

Base Score
8.4
Exploitability
2.5
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-190 Integer Overflow or Wraparound Numeric Error

Affected Products 180

VendorProductVersionRange
qualcommqam8255p_firmware*any
qualcommqam8255p*any
qualcommqam8620p_firmware*any
qualcommqam8620p*any
qualcommqam8650p_firmware*any
qualcommqam8650p*any
qualcommqam8775p_firmware*any
qualcommqam8775p*any
qualcommqamsrv1h_firmware*any
qualcommqamsrv1h*any
qualcommqamsrv1m_firmware*any
qualcommqamsrv1m*any
qualcommqca6391_firmware*any
qualcommqca6391*any
qualcommqca6426_firmware*any
qualcommqca6426*any
qualcommqca6436_firmware*any
qualcommqca6436*any
qualcommqca6574_firmware*any
qualcommqca6574*any
qualcommqca6574a_firmware*any
qualcommqca6574a*any
qualcommqca6574au_firmware*any
qualcommqca6574au*any
qualcommqca6595au_firmware*any
qualcommqca6595au*any
qualcommqca6696_firmware*any
qualcommqca6696*any
qualcommqcm4490_firmware*any
qualcommqcm4490*any
qualcommqcs4490_firmware*any
qualcommqcs4490*any
qualcommqcs6490_firmware*any
qualcommqcs6490*any
qualcommvideo_collaboration_vc3_platform_firmware*any
qualcommvideo_collaboration_vc3_platform*any
qualcommsa4150p_firmware*any
qualcommsa4150p*any
qualcommsa4155p_firmware*any
qualcommsa4155p*any
qualcommsa6145p_firmware*any
qualcommsa6145p*any
qualcommsa6150p_firmware*any
qualcommsa6150p*any
qualcommsa6155_firmware*any
qualcommsa6155*any
qualcommsa6155p_firmware*any
qualcommsa6155p*any
qualcommsa7255p_firmware*any
qualcommsa7255p*any
qualcommsa7775p_firmware*any
qualcommsa7775p*any
qualcommsa8145p_firmware*any
qualcommsa8145p*any
qualcommsa8150p_firmware*any
qualcommsa8150p*any
qualcommsa8155_firmware*any
qualcommsa8155*any
qualcommsa8155p_firmware*any
qualcommsa8155p*any
qualcommsa8195p_firmware*any
qualcommsa8195p*any
qualcommsa8255p_firmware*any
qualcommsa8255p*any
qualcommsa8530p_firmware*any
qualcommsa8530p*any
qualcommsa8540p_firmware*any
qualcommsa8540p*any
qualcommsa8620p_firmware*any
qualcommsa8620p*any
qualcommsa8650p_firmware*any
qualcommsa8650p*any
qualcommsa8770p_firmware*any
qualcommsa8770p*any
qualcommsa8775p_firmware*any
qualcommsa8775p*any
qualcommsa9000p_firmware*any
qualcommsa9000p*any
qualcommsd_8_gen1_5g_firmware*any
qualcommsd_8_gen1_5g*any
qualcommfastconnect_6200_firmware*any
qualcommfastconnect_6200*any
qualcommfastconnect_6700_firmware*any
qualcommfastconnect_6700*any
qualcommfastconnect_6800_firmware*any
qualcommfastconnect_6800*any
qualcommfastconnect_6900_firmware*any
qualcommfastconnect_6900*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommsd865_5g_firmware*any
qualcommsd865_5g*any
qualcommsm4125_firmware*any
qualcommsm4125*any
qualcommsm6370_firmware*any
qualcommsm6370*any
qualcommsnapdragon_4_gen_1_mobile_platform_firmware*any
qualcommsnapdragon_4_gen_1_mobile_platform*any
qualcommsnapdragon_4_gen_2_mobile_platform_firmware*any
qualcommsnapdragon_4_gen_2_mobile_platform*any
qualcommsnapdragon_460_mobile_platform_firmware*any
qualcommsnapdragon_460_mobile_platform*any
qualcommsnapdragon_480_5g_mobile_platform_firmware*any
qualcommsnapdragon_480_5g_mobile_platform*any
qualcommsnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware*any
qualcommsnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)*any
qualcommsnapdragon_662_mobile_platform_firmware*any
qualcommsnapdragon_662_mobile_platform*any
qualcommsnapdragon_680_4g_mobile_platform_firmware*any
qualcommsnapdragon_680_4g_mobile_platform*any
qualcommsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware*any
qualcommsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)*any
qualcommsnapdragon_695_5g_mobile_platform_firmware*any
qualcommsnapdragon_695_5g_mobile_platform*any
qualcommsnapdragon_8_gen_1_mobile_platform_firmware*any
qualcommsnapdragon_8_gen_1_mobile_platform*any
qualcommsnapdragon_8\+_gen_1_mobile_platform_firmware*any
qualcommsnapdragon_8\+_gen_1_mobile_platform*any
qualcommsnapdragon_865_5g_mobile_platform_firmware*any
qualcommsnapdragon_865_5g_mobile_platform*any
qualcommsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware*any
qualcommsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)*any
qualcommsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware*any
qualcommsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)*any
qualcommsnapdragon_w5\+_gen_1_wearable_platform_firmware*any
qualcommsnapdragon_w5\+_gen_1_wearable_platform*any
qualcommsnapdragon_x55_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x55_5g_modem-rf_system*any
qualcommsnapdragon_xr2_5g_platform_firmware*any
qualcommsnapdragon_xr2_5g_platform*any
qualcommsrv1h_firmware*any
qualcommsrv1h*any
qualcommsrv1l_firmware*any
qualcommsrv1l*any
qualcommsrv1m_firmware*any
qualcommsrv1m*any
qualcommssg2115p_firmware*any
qualcommssg2115p*any
qualcommssg2125p_firmware*any
qualcommssg2125p*any
qualcommsw5100_firmware*any
qualcommsw5100*any
qualcommsw5100p_firmware*any
qualcommsw5100p*any
qualcommsxr1230p_firmware*any
qualcommsxr1230p*any
qualcommsxr2130_firmware*any
qualcommsxr2130*any
qualcommtalynplus_firmware*any
qualcommtalynplus*any
qualcommwcd9326_firmware*any
qualcommwcd9326*any
qualcommwcd9335_firmware*any
qualcommwcd9335*any
qualcommwcd9370_firmware*any
qualcommwcd9370*any
qualcommwcd9375_firmware*any
qualcommwcd9375*any
qualcommwcd9380_firmware*any
qualcommwcd9380*any
qualcommwcd9385_firmware*any
qualcommwcd9385*any
qualcommwcn3910_firmware*any
qualcommwcn3910*any
qualcommwcn3950_firmware*any
qualcommwcn3950*any
qualcommwcn3980_firmware*any
qualcommwcn3980*any
qualcommwcn3988_firmware*any
qualcommwcn3988*any
qualcommwsa8810_firmware*any
qualcommwsa8810*any
qualcommwsa8815_firmware*any
qualcommwsa8815*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8832_firmware*any
qualcommwsa8832*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.