CVE-2024-45568

Memory corruption due to improper bounds check while command handling in camera-kernel driver.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

09 May 2025, 19:16

Type	Values Removed	Values Added
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html - Patch, Vendor Advisory
CWE		CWE-125
First Time		Qualcomm fastconnect 7800 Firmware Qualcomm sdm429w Qualcomm wsa8835 Firmware Qualcomm wcd9385 Firmware Qualcomm fastconnect 7800 Qualcomm sxr2230p Qualcomm wcd9385 Qualcomm sxr2250p Qualcomm fastconnect 6900 Firmware Qualcomm wcn3620 Qualcomm sxr2230p Firmware Qualcomm Qualcomm snapdragon 429 Mobile Firmware Qualcomm wsa8832 Qualcomm sdm429w Firmware Qualcomm wcd9380 Qualcomm wcn3660b Firmware Qualcomm wsa8835 Qualcomm wcn3660b Qualcomm wcn3620 Firmware Qualcomm wcd9380 Firmware Qualcomm fastconnect 6900 Qualcomm wsa8830 Firmware Qualcomm wsa8832 Firmware Qualcomm sxr2250p Firmware Qualcomm snapdragon 429 Mobile Qualcomm wsa8830
CPE		cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::* cpe:2.3:h:qualcomm:sxr2250p:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:o:qualcomm:sdm429w_firmware:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:sxr2230p:-:::::::* cpe:2.3:h:qualcomm:wcn3620:-:::::::* cpe:2.3:h:qualcomm:sdm429w:-:::::::* cpe:2.3:o:qualcomm:sxr2230p_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3620_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:o:qualcomm:sxr2250p_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3660b:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8832:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:::::::*

07 May 2025, 14:13

Type	Values Removed	Values Added
Summary		(es) Corrupción de memoria debido a una verificación de límites incorrecta durante el manejo de comandos en el controlador del núcleo de la cámara.

06 May 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-06 09:15

Updated : 2025-05-09 19:16

NVD link : CVE-2024-45568

Mitre link : CVE-2024-45568

CVE.ORG link : CVE-2024-45568

JSON object : View

Products Affected

qualcomm

sxr2250p
wsa8832_firmware
fastconnect_7800
snapdragon_429_mobile
sxr2230p_firmware
fastconnect_7800_firmware
sxr2250p_firmware
wsa8835
wcd9385_firmware
wsa8832
wcn3660b
wsa8835_firmware
wcn3660b_firmware
sdm429w
fastconnect_6900_firmware
sxr2230p
wcn3620
wcn3620_firmware
wcd9380_firmware
wcd9380
wsa8830
wsa8830_firmware
sdm429w_firmware
fastconnect_6900
snapdragon_429_mobile_firmware
wcd9385

CWE

CWE-126

Buffer Over-read

CWE-125

Out-of-bounds Read

{"id": "CVE-2024-45568", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "product-security@qualcomm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-05-06T09:15:19.213", "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html", "tags": ["Patch", "Vendor Advisory"], "source": "product-security@qualcomm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "product-security@qualcomm.com", "description": [{"lang": "en", "value": "CWE-126"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "Memory corruption due to improper bounds check while command handling in camera-kernel driver."}, {"lang": "es", "value": "Corrupci\u00f3n de memoria debido a una verificaci\u00f3n de l\u00edmites incorrecta durante el manejo de comandos en el controlador del n\u00facleo de la c\u00e1mara."}], "lastModified": "2025-05-09T19:16:51.373", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7E52771-4FB7-45DB-A349-4DD911F53752"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72F6CE39-9299-4FC3-BC48-11F79034F2E4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B29ED8BE-FB30-4E28-B080-7970BBCF67CF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1C36217-A66F-445C-8B5C-73E6096308DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68A93ED1-F509-439E-AE7B-F0EC87AE759F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FB5E2A98-EDD0-4298-911D-EC7527D5A424"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D99CA230-0694-4898-A06E-9C522CCB86CE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62B00662-139A-4E36-98FA-D4F7D101D4AB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}

6.7 /10