Memory Corruption Vulnerability in Qualcomm Camera Driver
CVE-2024-33065

7.8HIGH

Key Information:

Vendor: Qualcomm
Status: Wsa8845h Firmware
Vendor: CVE Published:; 7 October 2024

What is CVE-2024-33065?

A vulnerability exists in the Qualcomm Camera Driver that may lead to memory corruption during the snapshot process. When an offset variable is manipulated by the camera driver, it can result in unexpected behavior, potentially allowing an attacker to exploit the flaw. This issue underscores the necessity for prompt software updates and comprehensive security practices to mitigate risks associated with exposure to compromised driver functionality.

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2024