Memory Corruption in Qualcomm Products Due to IPA Statistics Processing
CVE-2024-21464

8.4HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 6 January 2025

Summary

This vulnerability involves memory corruption during the processing of IPA (Intelligent Power Architecture) statistics when no active clients are registered. This can lead to unstable system behavior and potential exploitation in affected Qualcomm products, particularly impacting various Snapdragon chipsets and networking solutions. It is crucial for users and administrators to evaluate their systems and apply necessary security measures to mitigate risks associated with this vulnerability.

Affected Version(s)

Snapdragon Snapdragon Auto FastConnect 6700

Snapdragon Snapdragon Auto FastConnect 6900

Snapdragon Snapdragon Auto FastConnect 7800

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 6, 2025
Vulnerability Reserved
Dec 12, 2023

Collectors

NVD DatabaseMitre Database