Mdm9628 Firmware
CVE-2024-45581
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Lifecycle Timeline
3DescriptionCVE.org
Memory corruption while sound model registration for voice activation with audio kernel driver.
AnalysisAI
Memory corruption while sound model registration for voice activation with audio kernel driver. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. Memory corruption while sound model registration for voice activation with audio kernel driver. Affected products include: Qualcomm Mdm9628 Firmware, Qualcomm Qam8295P Firmware, Qualcomm Qca6564A Firmware, Qualcomm Qca6564Au Firmware, Qualcomm Qca6574A Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
More in Mdm9628 Firmware
View allA Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to w
Memory corruption while reading the FW response from the shared queue. Rated high severity (CVSS 7.8), this vulnerabilit
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vu
Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the vid
Memory corruption while processing data packets in diag received from Unix clients.
Memory corruption while processing video packets received from video firmware.
Memory Corruption when adding user-supplied data without checking available buffer space. [CVSS 7.8 HIGH]
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs. [CVSS 7.8 HIGH]
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today