CVE-2024-45546

HIGH

Product <Version - Memory Corruption

Title source: llm
STIX 2.1

Description

Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.

References (1)

Scores

CVSS v3 7.8
EPSS 0.0010
EPSS Percentile 27.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-125 CWE-126
Status published
Products (10)
qualcomm/fastconnect_6900_firmware
qualcomm/fastconnect_7800_firmware
qualcomm/qcc2073_firmware
qualcomm/qcc2076_firmware
qualcomm/sc8380xp_firmware
qualcomm/wcd9380_firmware
qualcomm/wcd9385_firmware
qualcomm/wsa8840_firmware
qualcomm/wsa8845_firmware
qualcomm/wsa8845h_firmware
Published Jan 06, 2025
Tracked Since Feb 18, 2026