1. Home
  2. CVE Database
  3. CVE-2024-23385
HIGH · 7.5

CVE-2024-23385

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

Vulnerability Description

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
QualcommWsa8845H Firmware-
QualcommWsa8845H-
QualcommWsa8845 Firmware-
QualcommWsa8845-
QualcommWsa8840 Firmware-
QualcommWsa8840-
QualcommWsa8835 Firmware-
QualcommWsa8835-
QualcommWsa8832 Firmware-
QualcommWsa8832-
QualcommWsa8830 Firmware-
QualcommWsa8830-
QualcommWsa8815 Firmware-
QualcommWsa8815-
QualcommWsa8810 Firmware-
QualcommWsa8810-
QualcommWcn6755 Firmware-
QualcommWcn6755-
QualcommWcn3988 Firmware-
QualcommWcn3988-

Related Weaknesses (CWE)

CWE-617

References

FAQ

What is CVE-2024-23385?

CVE-2024-23385 is a vulnerability with a CVSS score of 7.5 (HIGH). Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

How severe is CVE-2024-23385?

CVE-2024-23385 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-23385?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Wsa8845H Firmware, Qualcomm Wsa8845H, Qualcomm Wsa8845 Firmware, Qualcomm Wsa8845, Qualcomm Wsa8840 Firmware.