ГлавнаяУязвимости → CVE-2024-23369
7.8высокая

CVE-2024-23369

Описание

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.

Затрагиваемое ПО
Qualcomm Snapdragon 888\+ 5g mobile platform \(sm8350-ac\) firmwareQualcomm Snapdragon 888\+ 5g mobile platform \(sm8350-ac\)Qualcomm Snapdragon 865\+ 5g mobile platform \(sm8250-ab\) firmwareQualcomm Snapdragon 865\+ 5g mobile platform \(sm8250-ab\)Qualcomm Wsa8845h firmwareQualcomm Wsa8845hQualcomm Wsa8845 firmwareQualcomm Wsa8845Qualcomm Wsa8840 firmwareQualcomm Wsa8840Qualcomm Wsa8835 firmwareQualcomm Wsa8835Qualcomm Wsa8832 firmwareQualcomm Wsa8832Qualcomm Wsa8830 firmwareQualcomm Wsa8830Qualcomm Wsa8815 firmwareQualcomm Wsa8815Qualcomm Wsa8810 firmwareQualcomm Wsa8810Qualcomm Wcn6755 firmwareQualcomm Wcn6755Qualcomm Wcn3988 firmwareQualcomm Wcn3988Qualcomm Wcn3950 firmware
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html