CVE-2024-33041

MEDIUM

Qualcomm Fastconnect 6900 Firmware - Out-of-Bounds Write

Title source: rule
STIX 2.1

Description

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,

References (1)

Scores

CVSS v3 6.7
EPSS 0.0005
EPSS Percentile 14.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-823 CWE-787
Status published
Products (35)
qualcomm/fastconnect_6900_firmware
qualcomm/fastconnect_7800_firmware
qualcomm/qam8295p_firmware
qualcomm/qca6574au_firmware
qualcomm/qca6696_firmware
qualcomm/qcm8550_firmware
qualcomm/qcs6490_firmware
qualcomm/qcs8550_firmware
qualcomm/sa6145p_firmware
qualcomm/sa6150p_firmware
... and 25 more
Published Jan 06, 2025
Tracked Since Feb 18, 2026