C V2x 9150 Firmware
CVE-2024-33053
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (qualcomm) · only source for this CVE.
CVSS VectorVendor: qualcomm
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
AnalysisAI
Memory corruption when multiple threads try to unregister the CVP buffer at the same time. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Memory corruption when multiple threads try to unregister the CVP buffer at the same time. Affected products include: Qualcomm C-V2X 9150 Firmware, Qualcomm Fastconnect 6200 Firmware, Qualcomm Fastconnect 6800 Firmware, Qualcomm Fastconnect 6900 Firmware, Qualcomm Qam8295P Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
More in C V2x 9150 Firmware
View allA Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v
Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulner
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Rated critical severity (CVSS 9.3
Memory corruption in HLOS while running playready use-case. Rated critical severity (CVSS 9.3), this vulnerability is no
Memory corruption while loading an ELF segment in TEE Kernel. Rated high severity (CVSS 8.8), this vulnerability is low
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitt
Memory corruption in Audio during playback with speaker protection. Rated high severity (CVSS 8.4), this vulnerability i
Memory corruption in Audio when memory map command is executed consecutively in ADSP. Rated high severity (CVSS 7.8), th
Memory corruption during concurrent access to server info object due to incorrect reference count update. Rated high sev
Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shar
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today