CVE-2024-45558 in Snapdragon Auto

Summary

by MITRE • 01/06/2025

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.


Analysis

by VulDB Data Team • 01/14/2025

This vulnerability represents a transient denial of service condition within a network driver component that processes wireless station profile information. The flaw manifests when the driver attempts to parse information elements associated with station profiles without proper validation of the element length structure. The issue specifically occurs during the handling of extended element identifiers where the driver directly accesses memory locations without verifying that sufficient data exists within the information element buffer. This type of vulnerability falls under the category of improper input validation and memory access violations that can lead to system instability and temporary service disruption.

The technical implementation of this vulnerability demonstrates a classic buffer overread condition where the driver code assumes the presence of extended element data without confirming that the information element contains adequate length to support such access. When processing wireless network profiles, the driver encounters information elements that may not contain the expected extended element ID structure, yet proceeds to access memory locations that could be outside the valid data boundaries. This pattern of operation creates a scenario where malformed or incomplete wireless profile data can trigger an access violation, leading to the driver crashing or becoming unresponsive. The vulnerability is classified as a transient denial of service because the system typically recovers once the problematic data is processed or the driver is reset, though the impact can still be significant during the period of service disruption.
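The length checks described above, as an added example in C. This is not Qualcomm driver code: find_ext_ie, the return codes and the sample buffers are hypothetical, and the layout assumed is the standard 802.11 element format (one ID byte, one length byte, then the body, with ID 255 meaning that the first body byte is the extension ID).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IE_HDR_LEN 2u   /* element ID byte + length byte */
#define EID_EXTN   255u /* element ID meaning "extension ID follows" */
enum { IE_NOT_FOUND = -1, IE_MALFORMED = -2 }; /* hypothetical codes */

/* Constructed samples: 107 is an arbitrary extension ID for the demo. */
const uint8_t SAMPLE_OK[]    = { 0, 2, 'a', 'b', 255, 3, 107, 1, 2 };
const uint8_t SAMPLE_EMPTY[] = { 255, 0 };      /* EXTN element, len 0 */
const uint8_t SAMPLE_SHORT[] = { 255, 5, 107 }; /* len exceeds buffer */

/* Return the offset of the first extension element carrying want_ext_id,
 * or a negative code. Every read is preceded by a length check. */
int find_ext_ie(const uint8_t *buf, size_t buf_len, uint8_t want_ext_id)
{
    size_t off = 0;

    while (off < buf_len) {
        if (buf_len - off < IE_HDR_LEN)               /* header must fit */
            return IE_MALFORMED;
        uint8_t id  = buf[off];
        uint8_t len = buf[off + 1];
        if ((size_t)len > buf_len - off - IE_HDR_LEN) /* body must fit */
            return IE_MALFORMED;
        if (id == EID_EXTN) {
            /* The check the advisory says was missing: with len == 0
             * there is no extension-ID byte, so do not read one. */
            if (len < 1)
                return IE_MALFORMED;
            if (buf[off + IE_HDR_LEN] == want_ext_id)
                return (int)off;
        }
        off += IE_HDR_LEN + (size_t)len;
    }
    return IE_NOT_FOUND;
}

int main(void)
{
    printf("ok=%d empty=%d short=%d\n",
           find_ext_ie(SAMPLE_OK, sizeof SAMPLE_OK, 107),
           find_ext_ie(SAMPLE_EMPTY, sizeof SAMPLE_EMPTY, 107),
           find_ext_ie(SAMPLE_SHORT, sizeof SAMPLE_SHORT, 107));
    return 0;
}
```

SAMPLE_EMPTY is the case that matters here: without the len < 1 test, the comparison would read one byte past the end of the two-byte buffer.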

From an operational perspective, this vulnerability affects wireless network infrastructure components that handle station profile information, particularly in enterprise wireless environments where multiple access points and wireless controllers process numerous station profiles. The impact extends beyond simple service interruption as it can affect network availability and user connectivity, potentially leading to cascading failures in wireless network operations. Attackers could exploit this vulnerability by crafting malicious wireless profiles that trigger the driver crash, causing temporary network outages that may last from seconds to minutes depending on system recovery mechanisms. The vulnerability is particularly concerning in mission-critical environments where wireless network availability is essential for business operations and where the transient nature of the denial of service means that the impact can be unpredictable and difficult to mitigate during active attacks.

The vulnerability aligns with CWE-129 and CWE-787 categories, representing improper input validation and out-of-bounds read conditions respectively. These classifications indicate that the root cause stems from inadequate validation of input data structures before memory access operations. The attack surface for this vulnerability corresponds to the wireless driver component within network infrastructure devices and can be mapped to ATT&CK technique T1499.004 which covers network disruption attacks. Organizations should implement immediate mitigations including driver updates from vendors, input validation enhancements, and network monitoring to detect anomalous wireless profile data patterns. Additionally, network segmentation and redundant wireless infrastructure can help minimize the impact of such transient disruptions while maintaining overall network availability and service continuity during the remediation process.

Responsible: Qualcomm

Reservation: 09/02/2024

Disclosure: 01/06/2025

Moderation: accepted

CPE: ready

EPSS: 0.00311

KEV: no

Activities: very low

Sources
