Ar8035 Firmware
CVE-2024-45571
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
AnalysisAI
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. Affected products include: Qualcomm Ar8035 Firmware, Qualcomm Csr8811 Firmware, Qualcomm Fastconnect 6700 Firmware, Qualcomm Fastconnect 6900 Firmware, Qualcomm Fastconnect 7800 Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
More in Ar8035 Firmware
View allA Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Cryptographic issue occurs due to use of insecure connection method while downloading.
Cryptographic issue may occur while encrypting license data. [CVSS 8.4 HIGH]
Memory corruption while decoding of OTA messages from T3448 IE. Rated high severity (CVSS 8.2), this vulnerability is re
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to w
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption during the FRS UDS generation process. Rated high severity (CVSS 7.8), this vulnerability is low attac
Memory corruption while triggering commands in the PlayReady Trusted application. Rated high severity (CVSS 7.8), this v
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high se
Memory corruption while reading secure file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation. Rated high
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. Rated high se
Same weakness CWE-416 – Use After Free
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today