Memory Corruption Vulnerability in Qualcomm Products
CVE-2024-49839

9.8CRITICAL

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 3 February 2025

Summary

This vulnerability results from improper handling of T2LM info elements during the processing of management frames, leading to potential memory corruption. Exploiting this flaw may allow an attacker to execute arbitrary code or cause unexpected behavior in systems utilizing affected Qualcomm chipsets.

Affected Version(s)

Snapdragon Snapdragon Auto AR8035

Snapdragon Snapdragon Auto CSR8811

Snapdragon Snapdragon Auto FastConnect 6700

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 3, 2025
Vulnerability Reserved
Oct 20, 2024