Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ghsa-jfgv-r9x2-7mhr
Vulnerability from github
Published
2024-08-05 15:30
Modified
2024-08-05 15:30
Severity ?
Details
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
{ "affected": [], "aliases": [ "CVE-2024-23350" ], "database_specific": { "cwe_ids": [ "CWE-617" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-08-05T15:15:45Z", "severity": "MODERATE" }, "details": "Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.", "id": "GHSA-jfgv-r9x2-7mhr", "modified": "2024-08-05T15:30:53Z", "published": "2024-08-05T15:30:53Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23350" }, { "type": "WEB", "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
cve-2024-23350
Vulnerability from cvelistv5
Published
2024-08-05 14:21
Modified
2024-08-05 15:02
Severity ?
EPSS score ?
Summary
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Qualcomm, Inc. | Snapdragon |
Version: AR8035 Version: FastConnect 6900 Version: FastConnect 7800 Version: QCA6174A Version: QCA6584AU Version: QCA6698AQ Version: QCA8081 Version: QCA8337 Version: QCC710 Version: QCN6224 Version: QCN6274 Version: QEP8111 Version: QFW7114 Version: QFW7124 Version: Snapdragon 8 Gen 3 Mobile Platform Version: Snapdragon Auto 5G Modem-RF Gen 2 Version: Snapdragon X35 5G Modem-RF System Version: Snapdragon X72 5G Modem-RF System Version: Snapdragon X75 5G Modem-RF System Version: WCD9340 Version: WCD9390 Version: WCD9395 Version: WSA8840 Version: WSA8845 Version: WSA8845H |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ar8035_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_6900_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fastconnect_7800_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6174a_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6584au_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca6698aq_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8081_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qca8337_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcc710_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn6224_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qcn6274_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qep8111_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qep8111_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qfw7114_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qfw7124_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_8_gen_3_mobile_platform_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_auto_5g_modem-rf_gen_2_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x35_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x35_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x72_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snapdragon_x75_5g_modem-rf_system_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9340_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9390_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wcd9395_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8840_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8845_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "wsa8845h_firmware", "vendor": "qualcomm", "versions": [ { "lessThanOrEqual": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-23350", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-05T15:02:19.688898Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-05T15:02:35.350Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "platforms": [ "Snapdragon Auto", "Snapdragon Mobile" ], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "AR8035" }, { "status": "affected", "version": "FastConnect 6900" }, { "status": "affected", "version": "FastConnect 7800" }, { "status": "affected", "version": "QCA6174A" }, { "status": "affected", "version": "QCA6584AU" }, { "status": "affected", "version": "QCA6698AQ" }, { "status": "affected", "version": "QCA8081" }, { "status": "affected", "version": "QCA8337" }, { "status": "affected", "version": "QCC710" }, { "status": "affected", "version": "QCN6224" }, { "status": "affected", "version": "QCN6274" }, { "status": "affected", "version": "QEP8111" }, { "status": "affected", "version": "QFW7114" }, { "status": "affected", "version": "QFW7124" }, { "status": "affected", "version": "Snapdragon 8 Gen 3 Mobile Platform" }, { "status": "affected", "version": "Snapdragon Auto 5G Modem-RF Gen 2" }, { "status": "affected", "version": "Snapdragon X35 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X72 5G Modem-RF System" }, { "status": "affected", "version": "Snapdragon X75 5G Modem-RF System" }, { "status": "affected", "version": "WCD9340" }, { "status": "affected", "version": "WCD9390" }, { "status": "affected", "version": "WCD9395" }, { "status": "affected", "version": "WSA8840" }, { "status": "affected", "version": "WSA8845" }, { "status": "affected", "version": "WSA8845H" } ] } ], "descriptions": [ { "lang": "en", "value": "Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-617", "description": "CWE-617 Reachable Assertion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-05T14:21:18.555Z", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html" } ], "title": "Reachable Assertion in Multi Mode Call Processor" } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2024-23350", "datePublished": "2024-08-05T14:21:18.555Z", "dateReserved": "2024-01-16T03:27:26.430Z", "dateUpdated": "2024-08-05T15:02:35.350Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.