CVE-2024-21453

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-21453
Transient DOS while decoding message of size that exceeds the available system memory.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:video_collaboration_vc1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*
History

13 Jan 2025, 21:55

Type Values Removed Values Added
CWE NVD-CWE-noinfo
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html - Vendor Advisory
First Time Qualcomm wcn3950
Qualcomm wcd9341
Qualcomm wsa8815
Qualcomm wcn3980 Firmware
Qualcomm qcs610 Firmware
Qualcomm wcd9370
Qualcomm c-v2x 9150 Firmware
Qualcomm snapdragon Auto 4g Modem Firmware
Qualcomm video Collaboration Vc1 Firmware
Qualcomm snapdragon Auto 5g Modem-rf Firmware
Qualcomm wcn3980
Qualcomm c-v2x 9150
Qualcomm snapdragon Auto 5g Modem-rf
Qualcomm snapdragon Auto 4g Modem
Qualcomm video Collaboration Vc1
Qualcomm video Collaboration Vc3 Firmware
Qualcomm qcs410 Firmware
Qualcomm wcd9370 Firmware
Qualcomm qcs410
Qualcomm video Collaboration Vc3
Qualcomm wsa8810
Qualcomm wcn3950 Firmware
Qualcomm wsa8810 Firmware
Qualcomm qcs610
Qualcomm wsa8815 Firmware
Qualcomm wcd9341 Firmware
Qualcomm
CPE cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:video_collaboration_vc1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

21 Nov 2024, 08:54

Type Values Removed Values Added
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html -

12 Apr 2024, 09:15

Type Values Removed Values Added
CWE CWE-20
Summary
  • (es) DOS transitorio mientras se decodifica un mensaje de tamaño que excede la memoria disponible del sistema.

01 Apr 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-01 15:15

Updated : 2025-01-13 21:55

NVD link : CVE-2024-21453

Mitre link : CVE-2024-21453

CVE.ORG link : CVE-2024-21453

JSON object : View

Products Affected

qualcomm

  • wcd9341_firmware
  • c-v2x_9150_firmware
  • snapdragon_auto_4g_modem
  • wsa8810_firmware
  • wcd9341
  • wcn3950
  • wsa8815_firmware
  • qcs610_firmware
  • wcn3950_firmware
  • video_collaboration_vc1
  • wsa8815
  • wcn3980
  • video_collaboration_vc3
  • qcs410
  • qcs610
  • video_collaboration_vc3_firmware
  • video_collaboration_vc1_firmware
  • snapdragon_auto_5g_modem-rf
  • c-v2x_9150
  • snapdragon_auto_5g_modem-rf_firmware
  • wcd9370
  • wcd9370_firmware
  • wcn3980_firmware
  • wsa8810
  • snapdragon_auto_4g_modem_firmware
  • qcs410_firmware
CWE
CWE-20

Improper Input Validation

NVD-CWE-noinfo