CVE-2024-23379

MEDIUM

Qualcomm Wsa8835 Firmware - Double Free

Title source: rule

Description

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.

References (1)

Scores

CVSS v3 6.7
EPSS 0.0006
EPSS Percentile 18.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-415
Status published

Affected Products (34)

qualcomm/wsa8835_firmware
qualcomm/wsa8830_firmware
qualcomm/wsa8815_firmware
qualcomm/wsa8810_firmware
qualcomm/wcn3990_firmware
qualcomm/wcd9380_firmware
qualcomm/wcd9341_firmware
qualcomm/wcd9340_firmware
qualcomm/wcd9335_firmware
qualcomm/srv1m_firmware
qualcomm/srv1h_firmware
qualcomm/snapdragon_auto_5g_modem-rf_gen_2_firmware
qualcomm/snapdragon_835_mobile_pc_platform_firmware
qualcomm/snapdragon_8_gen_1_mobile_platform_firmware
qualcomm/sd835_firmware
... and 19 more

Timeline

Published Oct 07, 2024
Tracked Since Feb 18, 2026