Skip to main content

C V2x 9150 Firmware CVE-2024-38418

HIGH
Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
2025-02-03 product-security@qualcomm.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 28, 2026 - 18:07 vuln.today
Patch released
Mar 28, 2026 - 18:07 nvd
Patch available
CVE Published
Feb 03, 2025 - 17:15 nvd
HIGH 7.8

DescriptionCVE.org

Memory corruption while parsing the memory map info in IOCTL calls.

AnalysisAI

Memory corruption while parsing the memory map info in IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-367. Memory corruption while parsing the memory map info in IOCTL calls. Affected products include: Qualcomm C-V2X 9150 Firmware, Qualcomm Csrb31024 Firmware, Qualcomm Fastconnect 6800 Firmware, Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 7800 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2026-21385 HIGH POC
7.8 Mar 02

A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo

CVE-2024-45564 HIGH
7.8 May 06

Memory corruption during concurrent access to server info object due to incorrect reference count update. Rated high sev

CVE-2024-43067 HIGH
7.8 Apr 07

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shar

CVE-2024-53014 HIGH
7.8 Mar 03

Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vu

CVE-2024-43057 HIGH
7.8 Mar 03

Memory corruption while processing command in Glink linux. Rated high severity (CVSS 7.8), this vulnerability is low att

CVE-2025-21424 HIGH
7.8 Mar 03

Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is

CVE-2025-27061 HIGH
7.8 Jul 08

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the vid

CVE-2025-27042 HIGH
7.8 Jul 08

Memory corruption while processing video packets received from video firmware.

CVE-2025-47379 HIGH
7.8 Mar 02

Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and

CVE-2025-21429 HIGH
7.5 Apr 07

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5

CVE-2025-21428 HIGH
7.5 Apr 07

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSp

CVE-2025-47383 HIGH
7.2 Mar 02

5G Fixed Wireless Access Platform Firmware versions up to - contains a vulnerability that allows attackers to cryptograp

Share

CVE-2024-38418 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy