Sm6370 Firmware
CVE-2024-53014
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Memory corruption may occur while validating ports and channels in Audio driver.
AnalysisAI
Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-129. Memory corruption may occur while validating ports and channels in Audio driver. Affected products include: Qualcomm Sm6370 Firmware, Qualcomm Sm6650 Firmware, Qualcomm Sm7250P Firmware, Qualcomm Sm7315 Firmware, Qualcomm Sm7325P Firmware.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Sm6370 Firmware
View allCryptographic issue occurs due to use of insecure connection method while downloading.
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.
Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t
CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL
CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processi
CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to w
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption while reading secure file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity
Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS
Same weakness CWE-129 – Improper Validation of Array Index
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today