fkie_cve-2024-21460
Vulnerability from fkie_nvd
Published
2024-07-01 15:15
Modified
2024-11-21 08:54
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646B241B-2971-4929-9FB6-7A4CBF801CBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5654FFB5-9A89-4399-AFAB-0A26726DEC81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:sg8275p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8509F3A3-A1CA-466B-9031-4146C36B9AF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:sg8275p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1813AB7-44F5-476B-9533-536F5B2F26BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4CDD6A2-5A3C-4572-8CE1-2F102333BB79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699E5D17-6144-4F0A-8D52-1E8C83990E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60F5899C-BA8D-4B6B-BC61-F77B1EB64739",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D39AD7CE-A017-4D74-A348-9E4B08363799",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEDF458-DEA7-42A1-A56D-E11250139545",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_2_mobile_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5693438-0F20-47BB-BA32-7175C3152368",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896F1C04-9957-440F-BF01-C3772CC3B3DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A90555EB-47A7-4717-92D5-35B561825F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "699056F6-1517-4F25-AE07-4FFCF6923B9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C023D2-6FF5-4FFC-B9F2-895979166580",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1A5841-5BCB-4033-ACB9-23F3FCA65309",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A071672-9405-4418-9141-35CEADBB65AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91E591F2-8F72-4A5A-9264-2742EB2DABDA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space."
},
{
"lang": "es",
"value": "Divulgaci\u00f3n de informaci\u00f3n cuando ASLR reubica las partes IMEM y DDR segura como un solo fragmento en el espacio de direcciones virtuales."
}
],
"id": "CVE-2024-21460",
"lastModified": "2024-11-21T08:54:25.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0,
"source": "product-security@qualcomm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-01T15:15:14.063",
"references": [
{
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html"
}
],
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "product-security@qualcomm.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…