Vulnerability-Lookup

CVE-2024-21455 (GCVE-0-2024-21455)

Vulnerability from cvelistv5 – Published: 2024-10-07 12:58 – Updated: 2024-10-07 13:19

Title

Untrusted Pointer Dereference in DSP Service

Summary

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-822 - Untrusted Pointer Dereference

Assigner

qualcomm

References

URL

Tags

https://docs.qualcomm.com/product/publicresources…

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: QAM8295P Affected: QCA6584AU Affected: QCA6595 Affected: QCA6688AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCM6125 Affected: QCS6125 Affected: Qualcomm Video Collaboration VC1 Platform Affected: SA8295P Affected: SG4150P Affected: Snapdragon 680 4G Mobile Platform Affected: Snapdragon 685 4G Mobile Platform (SM6225-AD) Affected: Snapdragon Auto 5G Modem-RF Gen 2 Affected: WCD9370 Affected: WCD9375 Affected: WCN3950 Affected: WCN3980 Affected: WSA8810 Affected: WSA8815

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qam8295p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6584au_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6595_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6688aq_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6696_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qca6698aq_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcm6125_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qcs6125_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qualcomm_video_collaboration_vc1_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sa8295p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sg4150p_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_680_4g_mobile_platform_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "snapdragon_auto_5g_modem-rf_gen_2_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9370_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcd9375_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3950_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wcn3980_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8810_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wsa8815_firmware",
            "vendor": "qualcomm",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21455",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T13:19:35.212684Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T13:19:44.091Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Industrial IOT"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6688AQ"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCM6125"
            },
            {
              "status": "affected",
              "version": "QCS6125"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC1 Platform"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SG4150P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 680 4G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF Gen 2"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-822",
              "description": "CWE-822 Untrusted Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-07T12:58:42.341Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html"
        }
      ],
      "title": "Untrusted Pointer Dereference in DSP Service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2024-21455",
    "datePublished": "2024-10-07T12:58:42.341Z",
    "dateReserved": "2023-12-12T06:07:46.903Z",
    "dateUpdated": "2024-10-07T13:19:44.091Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-21455\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-07T13:19:35.212684Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qam8295p_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qca6584au_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qca6595_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qca6688aq_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qca6696_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qca6698aq_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qcm6125_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qcs6125_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"qualcomm_video_collaboration_vc1_platform_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"sa8295p_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"sg4150p_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"snapdragon_680_4g_mobile_platform_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"snapdragon_auto_5g_modem-rf_gen_2_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcd9370_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcd9375_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcn3950_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wcn3980_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wsa8810_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"qualcomm\", \"product\": \"wsa8815_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"*\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-07T13:19:29.592Z\"}}], \"cna\": {\"title\": \"Untrusted Pointer Dereference in DSP Service\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Qualcomm, Inc.\", \"product\": \"Snapdragon\", \"versions\": [{\"status\": \"affected\", \"version\": \"QAM8295P\"}, {\"status\": \"affected\", \"version\": \"QCA6584AU\"}, {\"status\": \"affected\", \"version\": \"QCA6595\"}, {\"status\": \"affected\", \"version\": \"QCA6688AQ\"}, {\"status\": \"affected\", \"version\": \"QCA6696\"}, {\"status\": \"affected\", \"version\": \"QCA6698AQ\"}, {\"status\": \"affected\", \"version\": \"QCM6125\"}, {\"status\": \"affected\", \"version\": \"QCS6125\"}, {\"status\": \"affected\", \"version\": \"Qualcomm Video Collaboration VC1 Platform\"}, {\"status\": \"affected\", \"version\": \"SA8295P\"}, {\"status\": \"affected\", \"version\": \"SG4150P\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 680 4G Mobile Platform\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 685 4G Mobile Platform (SM6225-AD)\"}, {\"status\": \"affected\", \"version\": \"Snapdragon Auto 5G Modem-RF Gen 2\"}, {\"status\": \"affected\", \"version\": \"WCD9370\"}, {\"status\": \"affected\", \"version\": \"WCD9375\"}, {\"status\": \"affected\", \"version\": \"WCN3950\"}, {\"status\": \"affected\", \"version\": \"WCN3980\"}, {\"status\": \"affected\", \"version\": \"WSA8810\"}, {\"status\": \"affected\", \"version\": \"WSA8815\"}], \"platforms\": [\"Snapdragon Auto\", \"Snapdragon Compute\", \"Snapdragon Industrial IOT\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-822\", \"description\": \"CWE-822 Untrusted Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"shortName\": \"qualcomm\", \"dateUpdated\": \"2024-10-07T12:58:42.341Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-21455\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-07T13:19:44.091Z\", \"dateReserved\": \"2023-12-12T06:07:46.903Z\", \"assignerOrgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"datePublished\": \"2024-10-07T12:58:42.341Z\", \"assignerShortName\": \"qualcomm\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0944

Vulnerability from certfr_avis - Published: 2024-11-05 - Updated: 2024-11-05

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données. Google indique que les vulnérabilités CVE-2024-43047 et CVE-2024-43093 sont activement exploitées dans le cadre d'attaques ciblées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Google	Android	Android versions antérieures à 12, 12L, 13, 14 et 15 avant le correctif du 5 novembre 2024

References

Title

Publication Time

FKIE_CVE-2024-21455

Vulnerability from fkie_nvd - Published: 2024-10-07 13:15 - Updated: 2025-08-11 15:06

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.

References

	URL	Tags
	product-security@qualcomm.com	https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html	Vendor Advisory

Impacted products

Vendor	Product	Version
qualcomm	video_collaboration_vc1_platform_firmware	-
qualcomm	video_collaboration_vc1_platform	-
qualcomm	wsa8815_firmware	-
qualcomm	wsa8815	-
qualcomm	wsa8810_firmware	-
qualcomm	wsa8810	-
qualcomm	wcn3980_firmware	-
qualcomm	wcn3980	-
qualcomm	wcn3950_firmware	-
qualcomm	wcn3950	-
qualcomm	wcd9375_firmware	-
qualcomm	wcd9375	-
qualcomm	wcd9370_firmware	-
qualcomm	wcd9370	-
qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware	-
qualcomm	snapdragon_auto_5g_modem-rf_gen_2	-
qualcomm	snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware	-
qualcomm	snapdragon_685_4g_mobile_platform_\(sm6225-ad\)	-
qualcomm	snapdragon_680_4g_mobile_platform_firmware	-
qualcomm	snapdragon_680_4g_mobile_platform	-
qualcomm	sg4150p_firmware	-
qualcomm	sg4150p	-
qualcomm	sa8295p_firmware	-
qualcomm	sa8295p	-
qualcomm	qcs6125_firmware	-
qualcomm	qcs6125	-
qualcomm	qcm6125_firmware	-
qualcomm	qcm6125	-
qualcomm	qca6698aq_firmware	-
qualcomm	qca6698aq	-
qualcomm	qca6696_firmware	-
qualcomm	qca6696	-
qualcomm	qca6688aq_firmware	-
qualcomm	qca6688aq	-
qualcomm	qca6595_firmware	-
qualcomm	qca6595	-
qualcomm	qca6584au_firmware	-
qualcomm	qca6584au	-
qualcomm	qam8295p_firmware	-
qualcomm	qam8295p	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3607443-848D-4334-B5E4-0DC27F28509B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:video_collaboration_vc1_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E8F00DD-C894-4236-8932-7F7FCD15D2A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE5FCA7F-1FBE-42AA-B4E6-09CEA02A33EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2D789BC-43F5-40FB-A191-163C01BA5FBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_\\(sm6225-ad\\)_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2C43376-1ACC-42FF-873F-3B0372EE71A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform_\\(sm6225-ad\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BC09AF-6057-45A1-BEB8-AF9F4CBF3F5E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D0ED00F-1345-43AD-83C6-E979890B84AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C28019-B57D-4487-B551-F7B53395C6E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4468EA5D-87B0-4FEC-A3DB-617651B0D169",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DA2C3E1-E285-4CAD-9FA3-813C8EC436F6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB226552-52D9-44F5-A170-35C44761A72B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3F7853D-09EE-476F-B48D-BB30AEB4A67D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFBD264F-F24A-4CDD-B316-9514A61B91E7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6688aq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94CC5BC4-011D-4D2B-8891-97FBF61FD783",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "643EC76D-2836-48E6-81DA-78C4883C33CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "477F6529-4CE1-44FC-B6EE-D24D44C71AE7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3DDA896-576C-44B8-85B6-F71F473F776B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A87BDA-5B24-4212-BAB3-D2BBB2F4162E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver."
    },
    {
      "lang": "es",
      "value": "Corrupci\u00f3n de memoria cuando una llamada IOCTL de compatibilidad es seguida por otra llamada IOCTL desde el espacio de usuario a un controlador."
    }
  ],
  "id": "CVE-2024-21455",
  "lastModified": "2025-08-11T15:06:17.607",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "product-security@qualcomm.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-07T13:15:10.360",
  "references": [
    {
      "source": "product-security@qualcomm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html"
    }
  ],
  "sourceIdentifier": "product-security@qualcomm.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-822"
        }
      ],
      "source": "product-security@qualcomm.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-5VGV-F6WH-XQ94

Vulnerability from github – Published: 2024-10-07 15:31 – Updated: 2024-10-07 15:31

Details

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-21455"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-822"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-07T13:15:10Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.",
  "id": "GHSA-5vgv-f6wh-xq94",
  "modified": "2024-10-07T15:31:38Z",
  "published": "2024-10-07T15:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21455"
    },
    {
      "type": "WEB",
      "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2024-21455

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-21455

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-21455"
      ],
      "id": "GSD-2024-21455",
      "modified": "2023-12-13T01:21:42.770768Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-21455",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-21455 (GCVE-0-2024-21455)

CERTFR-2024-AVI-0944

Solutions

FKIE_CVE-2024-21455

GHSA-5VGV-F6WH-XQ94

GSD-2024-21455

Tags

Sightings

Nomenclature