CVE-2024-49830

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-49830
Memory corruption while processing an IOCTL call to set mixer controls.

6.6 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6688aq:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_429_mobile_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_429_mobile:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*
History

09 May 2025, 19:12

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-06 09:15

Updated : 2025-05-09 19:12

NVD link : CVE-2024-49830

Mitre link : CVE-2024-49830

CVE.ORG link : CVE-2024-49830

JSON object : View

Products Affected

qualcomm

  • qca9367_firmware
  • snapdragon_429_mobile_firmware
  • snapdragon_429_mobile
  • qca6688aq_firmware
  • qca6595au_firmware
  • snapdragon_auto_5g_modem-rf_gen_2
  • qca6698aq_firmware
  • sdm429w_firmware
  • qca6678aq
  • wcn3620
  • qca6595au
  • qca6678aq_firmware
  • qca9367
  • qca6574au
  • snapdragon_auto_5g_modem-rf_gen_2_firmware
  • qca6698aq
  • wcn3620_firmware
  • wcn3660b
  • qca6574au_firmware
  • qca9377
  • sdm429w
  • qca6688aq
  • qca9377_firmware
  • wcn3660b_firmware
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')