Description
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
Reserved 2024-09-02 | Published 2025-04-07 | Updated 2025-04-08 | Assigner
qualcommHIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem types
CWE-823 Use of Out-of-range Pointer Offset
Product status
Default status
unaffected
AR8035
affected
FastConnect 6700
affected
FastConnect 6900
affected
FastConnect 7800
affected
QCA6174A
affected
QCA6584AU
affected
QCA6698AQ
affected
QCA8081
affected
QCA8337
affected
QCC710
affected
QCM4490
affected
QCN6224
affected
QCN6274
affected
QCS4490
affected
QDU1000
affected
QDU1010
affected
QDU1110
affected
QDU1210
affected
QDX1010
affected
QDX1011
affected
QEP8111
affected
QFW7114
affected
QFW7124
affected
QRU1032
affected
QRU1052
affected
QRU1062
affected
SC8380XP
affected
SD 8 Gen1 5G
affected
SM8635
affected
Snapdragon 4 Gen 2 Mobile Platform
affected
Snapdragon 8 Gen 1 Mobile Platform
affected
Snapdragon 8 Gen 3 Mobile Platform
affected
Snapdragon 8+ Gen 1 Mobile Platform
affected
Snapdragon AR2 Gen 1 Platform
affected
Snapdragon Auto 5G Modem-RF Gen 2
affected
Snapdragon X35 5G Modem-RF System
affected
Snapdragon X72 5G Modem-RF System
affected
Snapdragon X75 5G Modem-RF System
affected
SSG2115P
affected
SSG2125P
affected
SXR1230P
affected
SXR2230P
affected
TalynPlus
affected
WCD9340
affected
WCD9370
affected
WCD9375
affected
WCD9380
affected
WCD9385
affected
WCD9390
affected
WCD9395
affected
WCN3950
affected
WCN3988
affected
WCN6755
affected
WSA8810
affected
WSA8815
affected
WSA8830
affected
WSA8832
affected
WSA8835
affected
WSA8840
affected
WSA8845
affected
WSA8845H
affected
References
docs.qualcomm.com/...curitybulletin/april-2025-bulletin.html
cve.org (CVE-2024-45557)
nvd.nist.gov (CVE-2024-45557)
Download JSON
