CVE-2024-21482

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:immersive_home_3210_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:immersive_home_3210_platform:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:immersive_home_326_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:immersive_home_326_platform:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:ipq5302_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq5302:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:ipq5312_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq5312:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:ipq5332_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq5332:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq6028:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:ipq8070a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8070a:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:ipq8071a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8071a:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:ipq8072a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8072a:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:ipq8074a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8074a:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:ipq8076a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8076a:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:ipq8078a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8078a:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:ipq8173_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8173:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:ipq8174_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq8174:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:ipq9554_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq9554:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:ipq9570_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq9570:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:qualcomm:qcf8000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcf8000:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:qualcomm:qcf8001_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcf8001:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND

cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND

cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND

cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND

cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*

Configuration 48 (hide)

AND

cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*

Configuration 49 (hide)

AND

cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*

Configuration 50 (hide)

AND

cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*

Configuration 51 (hide)

AND

cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*

Configuration 52 (hide)

AND

cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*

Configuration 53 (hide)

AND

cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*

Configuration 54 (hide)

AND

cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*

Configuration 55 (hide)

AND

cpe:2.3:o:qualcomm:qcn6402_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6402:-:*:*:*:*:*:*:*

Configuration 56 (hide)

AND

cpe:2.3:o:qualcomm:qcn6412_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6412:-:*:*:*:*:*:*:*

Configuration 57 (hide)

AND

cpe:2.3:o:qualcomm:qcn6422_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6422:-:*:*:*:*:*:*:*

Configuration 58 (hide)

AND

cpe:2.3:o:qualcomm:qcn6432_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn6432:-:*:*:*:*:*:*:*

Configuration 59 (hide)

AND

cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*

Configuration 60 (hide)

AND

cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*

Configuration 61 (hide)

AND

cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*

Configuration 62 (hide)

AND

cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*

Configuration 63 (hide)

AND

cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9072:-:*:*:*:*:*:*:*

Configuration 64 (hide)

AND

cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9074:-:*:*:*:*:*:*:*

Configuration 65 (hide)

AND

cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*

Configuration 66 (hide)

AND

cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*

Configuration 67 (hide)

AND

cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*

Configuration 68 (hide)

AND

cpe:2.3:o:qualcomm:sdx65m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx65m:-:*:*:*:*:*:*:*

Configuration 69 (hide)

AND

cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-07-01 15:15

Updated : 2024-07-02 17:51

NVD link : CVE-2024-21482

Mitre link : CVE-2024-21482

CVE.ORG link : CVE-2024-21482

JSON object : View

Products Affected

qualcomm

ipq9574_firmware
sdx65m
qcn5124_firmware
immersive_home_316_platform_firmware
ipq8070a
ipq9554_firmware
qcn9024
qcn6112_firmware
ipq8174
ipq8078
qca4024_firmware
qcn5154_firmware
qcn5052
ipq6028
qcn6023
immersive_home_318_platform_firmware
qcn6402
qcn9100
ipq8078a
qcn9022_firmware
qcf8001
immersive_home_216_platform_firmware
immersive_home_318_platform
qcn6432
qcf8000_firmware
qcn9274
ipq6018_firmware
qcn5122_firmware
qcn5024_firmware
qcn6132
qcn9024_firmware
qcf8001_firmware
qcn9100_firmware
qcn9072_firmware
qca8084
ipq8071a_firmware
snapdragon_x65_5g_modem-rf_system_firmware
ipq9008_firmware
ipq8074a
qca8081_firmware
qcn6402_firmware
qcn9072
ipq5312
ipq9554
qcn9000_firmware
qca9889
ipq5010_firmware
ipq6010_firmware
qca8386_firmware
qcf8000
qcn5164_firmware
csr8811_firmware
qcn6422
qcn9070
qcn6412_firmware
qcn6112
qca9888_firmware
qcn6412
qcn6132_firmware
qca8085_firmware
qcn9074
immersive_home_214_platform_firmware
qcn5124
sdx55_firmware
ipq9570_firmware
qca8085
qca8386
ipq8070a_firmware
ipq9574
ipq5332_firmware
qcn6023_firmware
ipq5302_firmware
qcn6122
ipq8072a_firmware
qca8082_firmware
qca9889_firmware
snapdragon_x65_5g_modem-rf_system
ipq5312_firmware
csr8811
ipq6000_firmware
ipq5332
ipq8071a
immersive_home_3210_platform_firmware
ipq8078a_firmware
ipq5028
ipq8078_firmware
ipq8076a_firmware
ipq8174_firmware
ipq8076a
ipq5028_firmware
qcn6024_firmware
qcn6432_firmware
ipq6000
qcn5152_firmware
qca4024
qcn9074_firmware
ipq6010
ipq6018
ipq8173
immersive_home_326_platform_firmware
ipq5010
qcn5024
ipq9008
immersive_home_216_platform
qcn9274_firmware
qcn9000
qcn5122
ipq5302
qcn5164
immersive_home_326_platform
immersive_home_316_platform
ipq8072a
qcn5152
qca9888
qcn5052_firmware
qcn9022
immersive_home_214_platform
qca8084_firmware
qca8075_firmware
qcn6024
sdx55
ipq8173_firmware
qca8075
ipq8076
sdx65m_firmware
qcn6122_firmware
qca8081
qcn5022_firmware
ipq6028_firmware
ipq9570
qcn5022
immersive_home_3210_platform
ipq8074a_firmware
qca8082
qcn9070_firmware
qcn5154
qcn6422_firmware
ipq8076_firmware

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

7.8 /10