CVE-2024-23386

CVE Database · CVE-2024-23386

· MEDIUMAnalyzed

CVSS v3.1

6.7

EPSS

0.10%

Published

Nov 4, 2024

Modified

Nov 7, 2024

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

memory corruption when WiFi display APIs are invoked with large random inputs.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-20

Affected Products (20)

qualcomm · wsa8835_firmwarevulnerable

qualcomm · wsa8835

qualcomm · wsa8830_firmwarevulnerable

qualcomm · wsa8830

qualcomm · wcn3660b_firmwarevulnerable

qualcomm · wcn3660b

qualcomm · wcn3620_firmwarevulnerable

qualcomm · wcn3620

qualcomm · wcd9380_firmwarevulnerable

qualcomm · wcd9380

qualcomm · snapdragon_8_gen_1_mobile_platform_firmwarevulnerable

References (1)

PatchVendor Advisory