CVE-2024-45581
MEDIUMQualcomm MDM9628 Firmware - Out-of-bounds Write in Audio Kernel Driver
Title source: llmDescription
Memory corruption while sound model registration for voice activation with audio kernel driver.
References (1)
Core 1
Core References
Patch, Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html
Scores
CVSS v3
6.6
EPSS
0.0017
EPSS Percentile
37.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (30)
qualcomm/mdm9628_firmware
qualcomm/qam8295p_firmware
qualcomm/qca6564a_firmware
qualcomm/qca6564au_firmware
qualcomm/qca6574a_firmware
qualcomm/qca6574au_firmware
qualcomm/qca6595au_firmware
qualcomm/qca6678aq_firmware
qualcomm/qca6688aq_firmware
qualcomm/qca6696_firmware
... and 20 more
Published
May 06, 2025
Tracked Since
Feb 18, 2026