1. Home
  2. CVE Database
  3. CVE-2024-23374
MEDIUM · 6.7

CVE-2024-23374

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.

Vulnerability Description

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommWsa8835 Firmware-
QualcommWsa8835-
QualcommWsa8830 Firmware-
QualcommWsa8830-
QualcommWcn3988 Firmware-
QualcommWcn3988-
QualcommWcn3980 Firmware-
QualcommWcn3980-
QualcommWcd9380 Firmware-
QualcommWcd9380-
QualcommSw5100P Firmware-
QualcommSw5100P-
QualcommSw5100 Firmware-
QualcommSw5100-
QualcommSnapdragon W5\+ Gen 1 Wearable Platform Firmware-
QualcommSnapdragon W5\+ Gen 1 Wearable Platform-
QualcommSnapdragon Auto 5G Modem-Rf Gen 2 Firmware-
QualcommSnapdragon Auto 5G Modem-Rf Gen 2-
QualcommSnapdragon 8 Gen 1 Mobile Platform Firmware-
QualcommSnapdragon 8 Gen 1 Mobile Platform-

Related Weaknesses (CWE)

CWE-121CWE-787

References

FAQ

What is CVE-2024-23374?

CVE-2024-23374 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.

How severe is CVE-2024-23374?

CVE-2024-23374 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-23374?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Wsa8835 Firmware, Qualcomm Wsa8835, Qualcomm Wsa8830 Firmware, Qualcomm Wsa8830, Qualcomm Wcn3988 Firmware.