cve-2024-33059
Vulnerability from cvelistv5
Published
2025-01-06 10:33
Modified
2025-01-06 14:18
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Memory corruption while processing frame command IOCTL calls.
References
product-security@qualcomm.comhttps://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.htmlPatch, Vendor Advisory
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Version: FastConnect 6900
Version: FastConnect 7800
Version: QCM8550
Version: QCS8550
Version: SG8275P
Version: SM8550P
Version: Snapdragon 8 Gen 2 Mobile Platform
Version: Snapdragon 8 Gen 3 Mobile Platform
Version: Snapdragon 8+ Gen 2 Mobile Platform
Version: WCD9380
Version: WCD9385
Version: WCD9390
Version: WCD9395
Version: WSA8840
Version: WSA8845
Version: WSA8845H
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-33059",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-06T14:09:02.608734Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-06T14:18:36.032Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "QCM8550"
            },
            {
              "status": "affected",
              "version": "QCS8550"
            },
            {
              "status": "affected",
              "version": "SG8275P"
            },
            {
              "status": "affected",
              "version": "SM8550P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 3 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8+ Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCD9390"
            },
            {
              "status": "affected",
              "version": "WCD9395"
            },
            {
              "status": "affected",
              "version": "WSA8840"
            },
            {
              "status": "affected",
              "version": "WSA8845"
            },
            {
              "status": "affected",
              "version": "WSA8845H"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption while processing frame command IOCTL calls."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-06T10:33:17.264Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html"
        }
      ],
      "title": "Use After Free in Computer Vision"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2024-33059",
    "datePublished": "2025-01-06T10:33:17.264Z",
    "dateReserved": "2024-04-23T04:42:06.935Z",
    "dateUpdated": "2025-01-06T14:18:36.032Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E670F500-9B71-4BBE-B5DA-221D35803C89\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"638DBC7F-456F-487D-BED2-2214DFF8BEE2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"646B241B-2971-4929-9FB6-7A4CBF801CBB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5654FFB5-9A89-4399-AFAB-0A26726DEC81\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:sg8275p_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8509F3A3-A1CA-466B-9031-4146C36B9AF8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:sg8275p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1813AB7-44F5-476B-9533-536F5B2F26BB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4CDD6A2-5A3C-4572-8CE1-2F102333BB79\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"699E5D17-6144-4F0A-8D52-1E8C83990E52\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"863BA6B8-5F2D-4D97-BBBE-EAD5B35AB3AA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E0344CF-A15E-4734-852F-9553E780644B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA40FA0B-F9F1-48D4-B68A-ECD7241A5F39\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B00530E-070B-4832-AFF0-535D4A1A6F85\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:snapdragon_8\\\\+_gen_2_mobile_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28D14A7F-F116-416B-A359-32D395F706D4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:snapdragon_8\\\\+_gen_2_mobile:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B67D19B-E1B0-41A2-B122-FBA6D797F3C8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70292B01-617F-44AD-AF77-1AFC1450523D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA94C6D6-85DB-4031-AAF4-C399019AE16D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92B17201-8185-47F1-9720-5AB4ECD11B22\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1FA2EB9-416F-4D69-8786-386CC73978AE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"896F1C04-9957-440F-BF01-C3772CC3B3DF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A90555EB-47A7-4717-92D5-35B561825F06\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"699056F6-1517-4F25-AE07-4FFCF6923B9F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4C023D2-6FF5-4FFC-B9F2-895979166580\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA33DE15-C177-43B3-AD50-FF797753D12E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE1A5841-5BCB-4033-ACB9-23F3FCA65309\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B47BF35-3AA0-4667-842E-19B0FE30BF3C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A071672-9405-4418-9141-35CEADBB65AF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB7CF473-8B25-4851-91F2-1BD693CCDC85\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91E591F2-8F72-4A5A-9264-2742EB2DABDA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Memory corruption while processing frame command IOCTL calls.\"}, {\"lang\": \"es\", \"value\": \"Corrupci\\u00f3n de memoria durante el procesamiento de llamadas IOCTL de comandos de marco.\"}]",
      "id": "CVE-2024-33059",
      "lastModified": "2025-01-10T16:53:02.590",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"product-security@qualcomm.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2025-01-06T11:15:08.470",
      "references": "[{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html\", \"source\": \"product-security@qualcomm.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "product-security@qualcomm.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"product-security@qualcomm.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-33059\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2025-01-06T11:15:08.470\",\"lastModified\":\"2025-01-10T16:53:02.590\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory corruption while processing frame command IOCTL calls.\"},{\"lang\":\"es\",\"value\":\"Corrupci\u00f3n de memoria durante el procesamiento de llamadas IOCTL de comandos de marco.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"product-security@qualcomm.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E670F500-9B71-4BBE-B5DA-221D35803C89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638DBC7F-456F-487D-BED2-2214DFF8BEE2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"646B241B-2971-4929-9FB6-7A4CBF801CBB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5654FFB5-9A89-4399-AFAB-0A26726DEC81\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sg8275p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8509F3A3-A1CA-466B-9031-4146C36B9AF8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sg8275p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1813AB7-44F5-476B-9533-536F5B2F26BB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4CDD6A2-5A3C-4572-8CE1-2F102333BB79\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"699E5D17-6144-4F0A-8D52-1E8C83990E52\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"863BA6B8-5F2D-4D97-BBBE-EAD5B35AB3AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E0344CF-A15E-4734-852F-9553E780644B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA40FA0B-F9F1-48D4-B68A-ECD7241A5F39\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B00530E-070B-4832-AFF0-535D4A1A6F85\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:snapdragon_8\\\\+_gen_2_mobile_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28D14A7F-F116-416B-A359-32D395F706D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:snapdragon_8\\\\+_gen_2_mobile:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B67D19B-E1B0-41A2-B122-FBA6D797F3C8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70292B01-617F-44AD-AF77-1AFC1450523D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA94C6D6-85DB-4031-AAF4-C399019AE16D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92B17201-8185-47F1-9720-5AB4ECD11B22\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1FA2EB9-416F-4D69-8786-386CC73978AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"896F1C04-9957-440F-BF01-C3772CC3B3DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90555EB-47A7-4717-92D5-35B561825F06\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"699056F6-1517-4F25-AE07-4FFCF6923B9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4C023D2-6FF5-4FFC-B9F2-895979166580\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA33DE15-C177-43B3-AD50-FF797753D12E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1A5841-5BCB-4033-ACB9-23F3FCA65309\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B47BF35-3AA0-4667-842E-19B0FE30BF3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A071672-9405-4418-9141-35CEADBB65AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7CF473-8B25-4851-91F2-1BD693CCDC85\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E591F2-8F72-4A5A-9264-2742EB2DABDA\"}]}]}],\"references\":[{\"url\":\"https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-33059\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-06T14:09:02.608734Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-06T14:11:21.667Z\"}}], \"cna\": {\"title\": \"Use After Free in Computer Vision\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Qualcomm, Inc.\", \"product\": \"Snapdragon\", \"versions\": [{\"status\": \"affected\", \"version\": \"FastConnect 6900\"}, {\"status\": \"affected\", \"version\": \"FastConnect 7800\"}, {\"status\": \"affected\", \"version\": \"QCM8550\"}, {\"status\": \"affected\", \"version\": \"QCS8550\"}, {\"status\": \"affected\", \"version\": \"SG8275P\"}, {\"status\": \"affected\", \"version\": \"SM8550P\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8 Gen 2 Mobile Platform\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8 Gen 3 Mobile Platform\"}, {\"status\": \"affected\", \"version\": \"Snapdragon 8+ Gen 2 Mobile Platform\"}, {\"status\": \"affected\", \"version\": \"WCD9380\"}, {\"status\": \"affected\", \"version\": \"WCD9385\"}, {\"status\": \"affected\", \"version\": \"WCD9390\"}, {\"status\": \"affected\", \"version\": \"WCD9395\"}, {\"status\": \"affected\", \"version\": \"WSA8840\"}, {\"status\": \"affected\", \"version\": \"WSA8845\"}, {\"status\": \"affected\", \"version\": \"WSA8845H\"}], \"platforms\": [\"Snapdragon Auto\", \"Snapdragon Compute\", \"Snapdragon Consumer IOT\", \"Snapdragon Industrial IOT\", \"Snapdragon Mobile\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Memory corruption while processing frame command IOCTL calls.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"shortName\": \"qualcomm\", \"dateUpdated\": \"2025-01-06T10:33:17.264Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-33059\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-06T14:18:36.032Z\", \"dateReserved\": \"2024-04-23T04:42:06.935Z\", \"assignerOrgId\": \"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f\", \"datePublished\": \"2025-01-06T10:33:17.264Z\", \"assignerShortName\": \"qualcomm\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.