CVE-2024-33059

HIGH EPSS 2.8%
Published Jan 6, 20251y ago ยท Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Jan 6, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

Memory corruption while processing frame command IOCTL calls.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 32

VendorProductVersionRange
qualcommfastconnect_6900_firmware*any
qualcommfastconnect_6900*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqcm8550_firmware*any
qualcommqcm8550*any
qualcommqcs8550_firmware*any
qualcommqcs8550*any
qualcommsg8275p_firmware*any
qualcommsg8275p*any
qualcommsm8550p_firmware*any
qualcommsm8550p*any
qualcommsnapdragon_8_gen_2_mobile_firmware*any
qualcommsnapdragon_8_gen_2_mobile*any
qualcommsnapdragon_8_gen_3_mobile_firmware*any
qualcommsnapdragon_8_gen_3_mobile*any
qualcommsnapdragon_8\+_gen_2_mobile_firmware*any
qualcommsnapdragon_8\+_gen_2_mobile*any
qualcommwcd9380_firmware*any
qualcommwcd9380*any
qualcommwcd9385_firmware*any
qualcommwcd9385*any
qualcommwcd9390_firmware*any
qualcommwcd9390*any
qualcommwcd9395_firmware*any
qualcommwcd9395*any
qualcommwsa8840_firmware*any
qualcommwsa8840*any
qualcommwsa8845_firmware*any
qualcommwsa8845*any
qualcommwsa8845h_firmware*any
qualcommwsa8845h*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html
    PatchVendor Advisory

Remediation

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html
    PatchVendor Advisory