CVE-2024-38411

CVE Database · CVE-2024-38411

· MEDIUMAnalyzed

CVSS v3.1

6.6

EPSS

0.10%

Published

Feb 3, 2025

Modified

Aug 11, 2025

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Weaknesses (CWE)

CWE-416

Affected Products (36)

qualcomm · fastconnect_6900_firmwarevulnerable

qualcomm · fastconnect_6900

qualcomm · fastconnect_7800_firmwarevulnerable

qualcomm · fastconnect_7800

qualcomm · qcm8550_firmwarevulnerable

qualcomm · qcm8550

qualcomm · qcs6490_firmwarevulnerable

qualcomm · qcs6490

qualcomm · qcs8550_firmwarevulnerable

qualcomm · qcs8550

qualcomm · video_collaboration_vc3_platform_firmwarevulnerable

References (1)

PatchVendor Advisory