1. Home
  2. CVE Database
  3. CVE-2024-38422
HIGH · 7.8

CVE-2024-38422

Memory corruption while processing voice packet with arbitrary data received from ADSP.

Vulnerability Description

Memory corruption while processing voice packet with arbitrary data received from ADSP.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommWsa8845H Firmware-
QualcommWsa8845H-
QualcommWsa8845 Firmware-
QualcommWsa8845-
QualcommWsa8840 Firmware-
QualcommWsa8840-
QualcommWsa8835 Firmware-
QualcommWsa8835-
QualcommWsa8832 Firmware-
QualcommWsa8832-
QualcommWsa8830 Firmware-
QualcommWsa8830-
QualcommWsa8815 Firmware-
QualcommWsa8815-
QualcommWsa8810 Firmware-
QualcommWsa8810-
QualcommWcn6755 Firmware-
QualcommWcn6755-
QualcommWcn6740 Firmware-
QualcommWcn6740-

Related Weaknesses (CWE)

CWE-680

References

FAQ

What is CVE-2024-38422?

CVE-2024-38422 is a vulnerability with a CVSS score of 7.8 (HIGH). Memory corruption while processing voice packet with arbitrary data received from ADSP.

How severe is CVE-2024-38422?

CVE-2024-38422 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-38422?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Wsa8845H Firmware, Qualcomm Wsa8845H, Qualcomm Wsa8845 Firmware, Qualcomm Wsa8845, Qualcomm Wsa8840 Firmware.