Snapdragon Ar2 Gen 1 Firmware
CVE-2024-49841
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
AnalysisAI
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-390. Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Affected products include: Qualcomm Snapdragon Ar2 Gen 1 Firmware, Qualcomm Snapdragon Auto 5G Modem-Rf Gen 2 Firmware, Qualcomm Snapdragon X24 Lte Modem Firmware, Qualcomm Snapdragon X32 5G Modem-Rf Firmware, Qualcomm Snapdragon X35 5G Modem-Rf Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. Rated critical severity (CVSS 9.8), this
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to w
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. Rated high se
Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low
Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vu
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation. Rated high severity (CVSS 7.
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the vid
Memory corruption while processing video packets received from video firmware.
CVE-2025-21432 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.
Memory corruption while processing IOCTL call for getting group info. Rated high severity (CVSS 7.8), this vulnerability
Same technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today