CVE-2024-33052

Published Sep 2, 2024

Last updated 9 months ago

CVSS high 7.8
Mobile device

Overview

Description
Memory corruption when user provides data for FM HCI command control operations.
Source
product-security@qualcomm.com
NVD status
Analyzed
Products
apq8017_firmware, aqt1000_firmware, fastconnect_6200_firmware, fastconnect_6700_firmware, fastconnect_6800_firmware, fastconnect_6900_firmware, fastconnect_7800_firmware, msm8108_firmware, msm8209_firmware, msm8608_firmware, msm8909w_firmware, msm8996au_firmware, qam8255p_firmware, qam8295p_firmware, qam8775p_firmware, qca6310_firmware, qca6320_firmware, qca6335_firmware, qca6391_firmware, qca6420_firmware, qca6421_firmware, qca6426_firmware, qca6430_firmware, qca6431_firmware, qca6436_firmware, qca6564_firmware, qca6564a_firmware, qca6564au_firmware, qca6574_firmware, qca6574a_firmware, qca6574au_firmware, qca6595_firmware, qca6595au_firmware, qca6696_firmware, qca6698aq_firmware, qcm2150_firmware, qcm2290_firmware, qcm4290_firmware, qcm4325_firmware, qcm4490_firmware, qcm5430_firmware, qcm6125_firmware, qcm6490_firmware, qcm8550_firmware, qcs2290_firmware, qcs410_firmware, qcs4290_firmware, qcs4490_firmware, qcs5430_firmware, qcs610_firmware, qcs6125_firmware, qcs6490_firmware, qcs7230_firmware, qcs8250_firmware, qcs8550_firmware, 205_mobile_firmware, 215_mobile_firmware, video_collaboration_vc1_platform_firmware, video_collaboration_vc3_platform_firmware, video_collaboration_vc5_platform_firmware, robotics_rb3_firmware, sa4150p_firmware, sa4155p_firmware, sa6145p_firmware, sa6150p_firmware, sa6155_firmware, sa6155p_firmware, sa8145p_firmware, sa8150p_firmware, sa8155_firmware, sa8155p_firmware, sa8195p_firmware, sa8255p_firmware, sa8295p_firmware, sa8770p_firmware, sa8775p_firmware, sa9000p_firmware, sd_8_gen1_5g_firmware, sd626_firmware, sd660_firmware, sd670_firmware, sd730_firmware, sd835_firmware, sd855_firmware, sd865_5g_firmware, sd888_firmware, sdm429w_firmware, sdx55_firmware, sg4150p_firmware, sm6250_firmware, sm7250p_firmware, sm7315_firmware, sm7325p_firmware, sm7435_firmware, sm8550p_firmware, sm8635_firmware, sm8750_firmware, smart_audio_200_firmware, smart_display_200_firmware, snapdragon_208_firmware, snapdragon_210_firmware, snapdragon_212_mobile_firmware, snapdragon_4_gen_1_mobile_firmware, snapdragon_4_gen_2_mobile_firmware, snapdragon_425_mobile_firmware, snapdragon_429_mobile_firmware, snapdragon_439_mobile_firmware, snapdragon_460_mobile_firmware, snapdragon_480_5g_mobile_firmware, snapdragon_480\+_5g_mobile_firmware, snapdragon_6_gen_1_mobile_firmware, snapdragon_625_mobile_firmware, snapdragon_626_mobile_firmware, snapdragon_630_mobile_firmware, snapdragon_632_mobile_firmware, snapdragon_636_mobile_firmware, snapdragon_660_mobile_firmware, snapdragon_662_mobile_firmware, snapdragon_670_mobile_firmware, snapdragon_675_mobile_firmware, snapdragon_678_mobile_firmware, snapdragon_680_4g_mobile_firmware, snapdragon_685_4g_mobile_firmware, snapdragon_690_5g_mobile_firmware, snapdragon_695_5g_mobile_firmware, snapdragon_7_gen_1_mobile_firmware, snapdragon_7\+_gen_2_mobile_firmware, snapdragon_710_mobile_firmware, snapdragon_720g_mobile_firmware, snapdragon_730_mobile_firmware, snapdragon_730g_mobile_firmware, snapdragon_732g_mobile_firmware, snapdragon_765_5g_mobile_firmware, snapdragon_765g_5g_mobile_firmware, snapdragon_768g_5g_mobile_firmware, snapdragon_778g_5g_mobile_firmware, snapdragon_778g\+_5g_mobile_firmware, snapdragon_780g_5g_mobile_firmware, snapdragon_782g_mobile_firmware, snapdragon_7c\+_gen_3_compute_firmware, snapdragon_8_gen_1_mobile_firmware, snapdragon_8_gen_2_mobile_firmware, snapdragon_8_gen_3_mobile_firmware, snapdragon_8\+_gen_1_mobile_firmware, snapdragon_8\+_gen_2_mobile_firmware, snapdragon_820_automotive_firmware, snapdragon_835_mobile_pc_firmware, snapdragon_845_mobile_firmware, snapdragon_855_mobile_firmware, snapdragon_855\+_firmware, snapdragon_860_mobile_firmware, snapdragon_865_5g_mobile_firmware, snapdragon_865\+_5g_mobile_firmware, snapdragon_870_5g_mobile_firmware, snapdragon_888_5g_mobile_firmware, snapdragon_888\+_5g_mobile_firmware, snapdragon_wear_2100_firmware, snapdragon_wear_2500_firmware, snapdragon_wear_3100_firmware, snapdragon_x50_5g_modem-rf_system_firmware, snapdragon_x55_5g_modem-rf_system_firmware, snapdragon_xr1_firmware, snapdragon_xr2_5g_firmware, snapdragon_xr2\+_gen_1_firmware, sxr1120_firmware, sxr2130_firmware, sxr2230p_firmware, sxr2250p_firmware, talynplus_firmware, vision_intelligence_100_firmware, vision_intelligence_200_firmware, vision_intelligence_400_firmware, wcd9326_firmware, wcd9335_firmware, wcd9340_firmware, wcd9341_firmware, wcd9370_firmware, wcd9375_firmware, wcd9380_firmware, wcd9385_firmware, wcd9390_firmware, wcd9395_firmware, wcn3610_firmware, wcn3615_firmware, wcn3620_firmware, wcn3660b_firmware, wcn3680_firmware, wcn3680b_firmware, wcn3910_firmware, wcn3950_firmware, wcn3980_firmware, wcn3988_firmware, wcn3990_firmware, wcn6740_firmware, wcn6755_firmware, wsa8810_firmware, wsa8815_firmware, wsa8830_firmware, wsa8832_firmware, wsa8835_firmware, wsa8840_firmware, wsa8845_firmware, wsa8845h_firmware

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

product-security@qualcomm.com
CWE-120
nvd@nist.gov
CWE-787

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Memory Corruption when handling power management requests with improperly sized input/output buffers.CVE-2026-21382
  2. Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.CVE-2026-21381
  3. Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.CVE-2026-21376
  4. Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.CVE-2026-21378
  5. Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.CVE-2026-21375

References

Sources include official advisories and independent security research.