CVE-2024-43064

Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qam8620p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8620p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6688aq:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8650p:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8775p:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:srv1l_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:srv1l:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

History

13 Jan 2025, 21:50

Type	Values Removed	Values Added
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html - Vendor Advisory
CPE		cpe:2.3:o:qualcomm:qca6595_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8540p:-:::::::* cpe:2.3:o:qualcomm:sa8255p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8620p_firmware:-:::::::* cpe:2.3:o:qualcomm:sdm429w_firmware:-:::::::* cpe:2.3:o:qualcomm:srv1l_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8255p:-:::::::* cpe:2.3:o:qualcomm:qam8295p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8295p:-:::::::* cpe:2.3:h:qualcomm:sa8295p:-:::::::* cpe:2.3:o:qualcomm:sa7255p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8650p:-:::::::* cpe:2.3:o:qualcomm:qca6688aq_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6595:-:::::::* cpe:2.3:o:qualcomm:qca6698aq_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3620_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8540p_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:::::::* cpe:2.3:h:qualcomm:qamsrv1m:-:::::::* cpe:2.3:h:qualcomm:sa8255p:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:o:qualcomm:qam8650p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8650p:-:::::::* cpe:2.3:h:qualcomm:sa8620p:-:::::::* cpe:2.3:o:qualcomm:sa8650p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8620p:-:::::::* cpe:2.3:o:qualcomm:srv1m_firmware:-:::::::* cpe:2.3:h:qualcomm:sdm429w:-:::::::* cpe:2.3:o:qualcomm:srv1h_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8775p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8770p_firmware:-:::::::* cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8255p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8295p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa7775p_firmware:-:::::::* cpe:2.3:o:qualcomm:qam8620p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8775p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8775p:-:::::::* cpe:2.3:h:qualcomm:srv1l:-:::::::* cpe:2.3:h:qualcomm:qamsrv1h:-:::::::* cpe:2.3:h:qualcomm:sa8770p:-:::::::* cpe:2.3:h:qualcomm:sa7775p:-:::::::* cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3660b:-:::::::* cpe:2.3:h:qualcomm:srv1m:-:::::::* cpe:2.3:h:qualcomm:qca6688aq:-:::::::* cpe:2.3:h:qualcomm:qca6595au:-:::::::* cpe:2.3:h:qualcomm:qca6698aq:-:::::::* cpe:2.3:h:qualcomm:sa7255p:-:::::::* cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:::::::* cpe:2.3:h:qualcomm:sa9000p:-:::::::* cpe:2.3:h:qualcomm:srv1h:-:::::::* cpe:2.3:h:qualcomm:wcn3620:-:::::::* cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::* cpe:2.3:h:qualcomm:qam8775p:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::*
CWE		CWE-770
Summary		(es) Consumo descontrolado de recursos cuando un controlador, una aplicación o un cliente SMMU intenta acceder a los registros globales a través de SMMU.
First Time		Qualcomm sa8255p Firmware Qualcomm sa8540p Firmware Qualcomm qam8255p Firmware Qualcomm sa7255p Qualcomm qca6698aq Firmware Qualcomm qam8295p Qualcomm qca6595 Qualcomm qca6595au Firmware Qualcomm sdm429w Firmware Qualcomm qam8650p Qualcomm qamsrv1m Firmware Qualcomm wcn3620 Firmware Qualcomm sa8775p Firmware Qualcomm sa9000p Firmware Qualcomm wcn3660b Qualcomm qca6696 Firmware Qualcomm sa8295p Qualcomm sa7775p Qualcomm qca6574au Firmware Qualcomm sa8770p Firmware Qualcomm sa8255p Qualcomm qam8295p Firmware Qualcomm qca6698aq Qualcomm snapdragon 429 Mobile Qualcomm qca6696 Qualcomm qam8775p Qualcomm qca6595au Qualcomm qam8255p Qualcomm qca6595 Firmware Qualcomm sa9000p Qualcomm qamsrv1m Qualcomm wcn3660b Firmware Qualcomm qca6688aq Firmware Qualcomm sa8775p Qualcomm qamsrv1h Firmware Qualcomm srv1l Firmware Qualcomm snapdragon 429 Mobile Firmware Qualcomm sa8650p Qualcomm qca6688aq Qualcomm qam8650p Firmware Qualcomm sdm429w Qualcomm qam8775p Firmware Qualcomm qamsrv1h Qualcomm sa8295p Firmware Qualcomm sa8650p Firmware Qualcomm srv1m Firmware Qualcomm sa7775p Firmware Qualcomm srv1l Qualcomm srv1h Qualcomm sa7255p Firmware Qualcomm qam8620p Firmware Qualcomm srv1h Firmware Qualcomm qam8620p Qualcomm wcn3620 Qualcomm srv1m Qualcomm sa8620p Firmware Qualcomm sa8770p Qualcomm sa8620p Qualcomm sa8540p Qualcomm Qualcomm qca6574au

06 Jan 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-06 11:15

Updated : 2025-01-13 21:50

NVD link : CVE-2024-43064

Mitre link : CVE-2024-43064

CVE.ORG link : CVE-2024-43064

JSON object : View

Products Affected

qualcomm

qam8295p
qam8620p
sdm429w
qam8295p_firmware
sa7775p_firmware
qca6595_firmware
sa8770p_firmware
sa8255p
qca6696
qamsrv1m_firmware
srv1m
sa9000p_firmware
sa8540p
qca6595au
snapdragon_429_mobile
qca6696_firmware
sa7775p
sa9000p
srv1l
qamsrv1m
qca6595au_firmware
qca6698aq
qca6688aq
sdm429w_firmware
qca6574au
sa8620p_firmware
qca6688aq_firmware
sa8775p
qam8775p
qam8620p_firmware
srv1m_firmware
qam8650p
qca6698aq_firmware
sa7255p_firmware
sa8650p
sa8775p_firmware
qam8255p
srv1l_firmware
wcn3660b
sa8770p
sa8295p
qamsrv1h
sa8620p
qamsrv1h_firmware
srv1h_firmware
snapdragon_429_mobile_firmware
qca6574au_firmware
sa8650p_firmware
qam8650p_firmware
sa8540p_firmware
wcn3620
qam8255p_firmware
srv1h
sa8255p_firmware
qca6595
qam8775p_firmware
sa8295p_firmware
wcn3620_firmware
wcn3660b_firmware
sa7255p

CWE

CWE-264

Permissions, Privileges, and Access Controls

CWE-770

Allocation of Resources Without Limits or Throttling

7.5 /10