CVE-2024-21452

Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html	Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*

History

13 Jan 2025, 21:53

Type	Values Removed	Values Added
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html - Vendor Advisory
CWE		NVD-CWE-noinfo
First Time		Qualcomm snapdragon Auto 5g Modem-rf Gen 2 Firmware Qualcomm snapdragon Auto 5g Modem-rf Gen 2 Qualcomm qca6584au Qualcomm qca6698aq Firmware Qualcomm c-v2x 9150 Firmware Qualcomm snapdragon Auto 4g Modem Firmware Qualcomm qca6698aq Qualcomm qca6584au Firmware Qualcomm snapdragon Auto 5g Modem-rf Firmware Qualcomm c-v2x 9150 Qualcomm snapdragon Auto 5g Modem-rf Qualcomm snapdragon Auto 4g Modem Qualcomm
CPE		cpe:2.3:o:qualcomm:qca6584au_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:::::::* cpe:2.3:h:qualcomm:c-v2x_9150:-:::::::* cpe:2.3:h:qualcomm:qca6584au:-:::::::* cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:::::::* cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:::::::* cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:::::::*

21 Nov 2024, 08:54

Type	Values Removed	Values Added
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html -

12 Apr 2024, 09:15

Type	Values Removed	Values Added
CWE		CWE-20
Summary		(es) DOS transitorio mientras se decodifica un mensaje REA ASN.1 que contiene una SECUENCIA de extensiones desconocidas.

01 Apr 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-01 15:15

Updated : 2025-01-13 21:53

NVD link : CVE-2024-21452

Mitre link : CVE-2024-21452

CVE.ORG link : CVE-2024-21452

JSON object : View

Products Affected

qualcomm

snapdragon_auto_5g_modem-rf_firmware
c-v2x_9150_firmware
snapdragon_auto_5g_modem-rf_gen_2
snapdragon_auto_5g_modem-rf
qca6584au
qca6698aq_firmware
snapdragon_auto_5g_modem-rf_gen_2_firmware
snapdragon_auto_4g_modem_firmware
qca6584au_firmware
c-v2x_9150
snapdragon_auto_4g_modem
qca6698aq

CWE

CWE-20

Improper Input Validation

NVD-CWE-noinfo

7.3 /10