CVE-2024-45568

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-45568
Memory corruption due to improper bounds check while command handling in camera-kernel driver.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
History

09 May 2025, 19:16

Type Values Removed Values Added
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html - Patch, Vendor Advisory
CPE cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
CWE CWE-125
First Time Qualcomm sxr2250p Firmware
Qualcomm wcn3620
Qualcomm wcd9385
Qualcomm
Qualcomm fastconnect 6900
Qualcomm sxr2230p
Qualcomm wcd9380 Firmware
Qualcomm wcn3620 Firmware
Qualcomm wsa8835
Qualcomm sdm429w
Qualcomm snapdragon 429 Mobile
Qualcomm wsa8830 Firmware
Qualcomm snapdragon 429 Mobile Firmware
Qualcomm wcn3660b Firmware
Qualcomm fastconnect 7800 Firmware
Qualcomm wsa8835 Firmware
Qualcomm fastconnect 7800
Qualcomm sdm429w Firmware
Qualcomm wcd9380
Qualcomm wsa8830
Qualcomm wcn3660b
Qualcomm fastconnect 6900 Firmware
Qualcomm sxr2250p
Qualcomm sxr2230p Firmware
Qualcomm wcd9385 Firmware
Qualcomm wsa8832
Qualcomm wsa8832 Firmware

07 May 2025, 14:13

Type Values Removed Values Added
Summary
  • (es) Corrupción de memoria debido a una verificación de límites incorrecta durante el manejo de comandos en el controlador del núcleo de la cámara.

06 May 2025, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-06 09:15

Updated : 2025-05-09 19:16

NVD link : CVE-2024-45568

Mitre link : CVE-2024-45568

CVE.ORG link : CVE-2024-45568

JSON object : View

Products Affected

qualcomm

  • wcn3660b
  • wcd9380
  • snapdragon_429_mobile_firmware
  • wcd9380_firmware
  • wsa8832
  • wcd9385
  • fastconnect_7800_firmware
  • wsa8832_firmware
  • sxr2230p_firmware
  • sxr2230p
  • wcd9385_firmware
  • wcn3660b_firmware
  • wcn3620
  • wsa8835_firmware
  • sdm429w_firmware
  • wsa8835
  • wcn3620_firmware
  • sxr2250p_firmware
  • sdm429w
  • snapdragon_429_mobile
  • fastconnect_6900_firmware
  • fastconnect_7800
  • wsa8830
  • sxr2250p
  • fastconnect_6900
  • wsa8830_firmware
CWE
CWE-126

Buffer Over-read

CWE-125

Out-of-bounds Read