1. Home
  2. CVE Database
  3. CVE-2024-23376
MEDIUM · 6.7

CVE-2024-23376

Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.

Vulnerability Description

Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommWsa8835 Firmware-
QualcommWsa8835-
QualcommWsa8830 Firmware-
QualcommWsa8830-
QualcommWcn3988 Firmware-
QualcommWcn3988-
QualcommWcn3980 Firmware-
QualcommWcn3980-
QualcommWcd9380 Firmware-
QualcommWcd9380-
QualcommSw5100P Firmware-
QualcommSw5100P-
QualcommSw5100 Firmware-
QualcommSw5100-
QualcommSnapdragon W5\+ Gen 1 Wearable Platform Firmware-
QualcommSnapdragon W5\+ Gen 1 Wearable Platform-
QualcommSnapdragon 8 Gen 1 Mobile Platform Firmware-
QualcommSnapdragon 8 Gen 1 Mobile Platform-
QualcommSa8195P Firmware-
QualcommSa8195P-

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2024-23376?

CVE-2024-23376 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.

How severe is CVE-2024-23376?

CVE-2024-23376 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-23376?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Wsa8835 Firmware, Qualcomm Wsa8835, Qualcomm Wsa8830 Firmware, Qualcomm Wsa8830, Qualcomm Wcn3988 Firmware.