DOS Vulnerability in Qualcomm Wireless Driver
CVE-2024-45558

7.5HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 6 January 2025

Summary

A Denial of Service vulnerability exists in Qualcomm's wireless driver due to improper validation of Information Element (IE) lengths when parsing per Station (STA) profile IEs. This oversight may allow an attacker to exploit the EXTN element ID, resulting in transient DOS conditions that can disrupt network connectivity. Users are advised to update their drivers to mitigate potential impacts.

Affected Version(s)

Snapdragon Snapdragon Auto AR8035

Snapdragon Snapdragon Auto CSR8811

Snapdragon Snapdragon Auto FastConnect 6700

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 6, 2025
Vulnerability Reserved
Sep 2, 2024

Collectors

NVD DatabaseMitre Database