CVE-2024-21453

Transient DOS while decoding message of size that exceeds the available system memory.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html	Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:video_collaboration_vc1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

History

13 Jan 2025, 21:55

Type	Values Removed	Values Added
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html - Vendor Advisory
CWE		NVD-CWE-noinfo
First Time		Qualcomm wcn3950 Qualcomm snapdragon Auto 5g Modem-rf Qualcomm c-v2x 9150 Qualcomm wsa8815 Qualcomm wsa8810 Qualcomm wsa8810 Firmware Qualcomm wcn3980 Firmware Qualcomm video Collaboration Vc3 Qualcomm snapdragon Auto 5g Modem-rf Firmware Qualcomm qcs410 Firmware Qualcomm wcn3980 Qualcomm snapdragon Auto 4g Modem Qualcomm wcn3950 Firmware Qualcomm wcd9341 Firmware Qualcomm Qualcomm qcs610 Firmware Qualcomm video Collaboration Vc3 Firmware Qualcomm wcd9341 Qualcomm qcs610 Qualcomm qcs410 Qualcomm video Collaboration Vc1 Qualcomm wsa8815 Firmware Qualcomm c-v2x 9150 Firmware Qualcomm wcd9370 Firmware Qualcomm wcd9370 Qualcomm video Collaboration Vc1 Firmware Qualcomm snapdragon Auto 4g Modem Firmware
CPE		cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:::::::* cpe:2.3:h:qualcomm:video_collaboration_vc1:-:::::::* cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3950:-:::::::* cpe:2.3:o:qualcomm:qcs410_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9341:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:h:qualcomm:c-v2x_9150:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3950_firmware:-:::::::* cpe:2.3:o:qualcomm:video_collaboration_vc1_firmware:-:::::::* cpe:2.3:h:qualcomm:qcs410:-:::::::* cpe:2.3:h:qualcomm:qcs610:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:::::::* cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::* cpe:2.3:o:qualcomm:qcs610_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:h:qualcomm:video_collaboration_vc3:-:::::::*

21 Nov 2024, 08:54

Type	Values Removed	Values Added
References	~~() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html -~~	() https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html -

12 Apr 2024, 09:15

Type	Values Removed	Values Added
Summary		(es) DOS transitorio mientras se decodifica un mensaje de tamaño que excede la memoria disponible del sistema.
CWE		CWE-20

01 Apr 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-01 15:15

Updated : 2025-01-13 21:55

NVD link : CVE-2024-21453

Mitre link : CVE-2024-21453

CVE.ORG link : CVE-2024-21453

JSON object : View

Products Affected

qualcomm

c-v2x_9150_firmware
qcs610
qcs410_firmware
snapdragon_auto_4g_modem
wcd9341_firmware
wsa8815
snapdragon_auto_5g_modem-rf
wcd9370_firmware
c-v2x_9150
wcd9341
wsa8810
wcn3980_firmware
video_collaboration_vc1
snapdragon_auto_5g_modem-rf_firmware
wsa8810_firmware
wcn3950
qcs410
qcs610_firmware
wcd9370
wsa8815_firmware
video_collaboration_vc3_firmware
wcn3980
video_collaboration_vc1_firmware
wcn3950_firmware
video_collaboration_vc3
snapdragon_auto_4g_modem_firmware

CWE

CWE-20

Improper Input Validation

NVD-CWE-noinfo

{"id": "CVE-2024-21453", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "product-security@qualcomm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-04-01T15:15:48.417", "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html", "tags": ["Vendor Advisory"], "source": "product-security@qualcomm.com"}, {"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "product-security@qualcomm.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Transient DOS while decoding message of size that exceeds the available system memory."}, {"lang": "es", "value": "DOS transitorio mientras se decodifica un mensaje de tama\u00f1o que excede la memoria disponible del sistema."}], "lastModified": "2025-01-13T21:55:00.293", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A725088-FC3B-4439-9189-72AA10954721"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B80D6366-4C0C-4C0D-9A38-769C66D62F0F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:video_collaboration_vc1_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25811F6A-AC23-4DCC-A987-B91E98EA7FB0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:video_collaboration_vc1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB0C4385-336B-4E10-B776-0AE51EBB6A12"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:video_collaboration_vc3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77397AFD-F4B1-437E-AB50-99EE6F305859"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:video_collaboration_vc3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "50FAF626-07C9-42CB-B92B-C263D66CF27D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88AF39A5-F44E-4B14-AA6E-4F80D9EEB017"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A25FE8F-555A-4D85-8A94-A808B62EAE86"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:snapdragon_auto_4g_modem_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C8F12FE-0057-4A13-9A7F-D12C114ECEF9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:snapdragon_auto_4g_modem:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1271B0C7-2D91-4129-9B58-E6689DD68C39"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@qualcomm.com"}

7.5 /10