CVE-2024-38401

HIGH EPSS 2.7%
Published Sep 2, 20241y ago ยท Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Sep 2, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

Memory corruption while processing concurrent IOCTL calls.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 80

VendorProductVersionRange
qualcommar8035_firmware*any
qualcommar8035*any
qualcommc-v2x_9150_firmware*any
qualcommc-v2x_9150*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqca6574a_firmware*any
qualcommqca6574a*any
qualcommqca6584au_firmware*any
qualcommqca6584au*any
qualcommqca6595au_firmware*any
qualcommqca6595au*any
qualcommqca6696_firmware*any
qualcommqca6696*any
qualcommqca6698aq_firmware*any
qualcommqca6698aq*any
qualcommqca8081_firmware*any
qualcommqca8081*any
qualcommqca8337_firmware*any
qualcommqca8337*any
qualcommqcc710_firmware*any
qualcommqcc710*any
qualcommqcn6224_firmware*any
qualcommqcn6224*any
qualcommqcn6274_firmware*any
qualcommqcn6274*any
qualcommqcs410_firmware*any
qualcommqcs410*any
qualcommqcs610_firmware*any
qualcommqcs610*any
qualcommqfw7114_firmware*any
qualcommqfw7114*any
qualcommqfw7124_firmware*any
qualcommqfw7124*any
qualcommvideo_collaboration_vc1_platform_firmware*any
qualcommvideo_collaboration_vc1_platform*any
qualcommvideo_collaboration_vc3_platform_firmware*any
qualcommvideo_collaboration_vc3_platform*any
qualcommsdx55_firmware*any
qualcommsdx55*any
qualcommsnapdragon_auto_5g_modem-rf_firmware*any
qualcommsnapdragon_auto_5g_modem-rf*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2_firmware*any
qualcommsnapdragon_auto_5g_modem-rf_gen_2*any
qualcommsnapdragon_w5\+_gen_1_wearable_firmware*any
qualcommsnapdragon_w5\+_gen_1_wearable*any
qualcommsnapdragon_x72_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x72_5g_modem-rf_system*any
qualcommsnapdragon_x75_5g_modem-rf_system_firmware*any
qualcommsnapdragon_x75_5g_modem-rf_system*any
qualcommsw5100_firmware*any
qualcommsw5100*any
qualcommsw5100p_firmware*any
qualcommsw5100p*any
qualcommwcd9340_firmware*any
qualcommwcd9340*any
qualcommwcd9341_firmware*any
qualcommwcd9341*any
qualcommwcd9360_firmware*any
qualcommwcd9360*any
qualcommwcd9370_firmware*any
qualcommwcd9370*any
qualcommwcn3660b_firmware*any
qualcommwcn3660b*any
qualcommwcn3680b_firmware*any
qualcommwcn3680b*any
qualcommwcn3950_firmware*any
qualcommwcn3950*any
qualcommwcn3980_firmware*any
qualcommwcn3980*any
qualcommwcn3988_firmware*any
qualcommwcn3988*any
qualcommwsa8810_firmware*any
qualcommwsa8810*any
qualcommwsa8815_firmware*any
qualcommwsa8815*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any

References 1

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html
    PatchVendor Advisory

Remediation

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html
    PatchVendor Advisory