Qualcomm Snapdragon Auto up to XR2 5G Platform Metadata Size integer overflow

Summaryinfo

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables. This affects an unknown function of the component Metadata Size Handler. The manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2024-33035. Local access is required to approach this attack. No exploit exists. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables. It has been rated as critical. This issue affects some unknown processing of the component Metadata Size Handler. The manipulation with an unknown input leads to a integer overflow vulnerability. Using CWE to declare the problem leads to CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.

The advisory is shared at docs.qualcomm.com. The identification of this vulnerability is CVE-2024-33035 since 04/23/2024. The exploitation is known to be easy. An attack has to be approached locally. No form of authentication is needed for a successful exploitation. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 09/03/2024).

Upgrading eliminates this vulnerability.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Type

• Chip Software

Vendor

• Qualcomm

Name

• Snapdragon Auto
• Snapdragon Compute
• Snapdragon Industrial IOT
• Snapdragon Mobile
• Snapdragon Wearables

Version

• 4 Gen 1 Mobile Platform
• 4 Gen 2 Mobile Platform
• 8 Gen 1 Mobile Platform
• 8+ Gen 1 Mobile Platform
• 460 Mobile Platform
• 480 5G Mobile Platform
• 480+ 5G Mobile Platform (SM4350-AC)
• 662 Mobile Platform
• 680 4G Mobile Platform
• 685 4G Mobile Platform (SM6225-AD)
• 695 5G Mobile Platform
• 865 5G Mobile Platform
• 865+ 5G Mobile Platform (SM8250-AB)
• 870 5G Mobile Platform (SM8250-AC)
• FastConnect 6200
• FastConnect 6700
• FastConnect 6800
• FastConnect 6900
• FastConnect 7800
• QAM8255P
• QAM8620P
• QAM8650P
• QAM8775P
• QAMSRV1H
• QAMSRV1M
• QCA6391
• QCA6426
• QCA6436
• QCA6574
• QCA6574A
• QCA6574AU
• QCA6595AU
• QCA6696
• QCM4490
• QCS4490
• QCS6490
• Qualcomm Video Collaboration VC3 Platform
• SA4150P
• SA4155P
• SA6145P
• SA6150P
• SA6155
• SA6155P
• SA7255P
• SA7775P
• SA8145P
• SA8150P
• SA8155
• SA8155P
• SA8195P
• SA8255P
• SA8530P
• SA8540P
• SA8620P
• SA8650P
• SA8770P
• SA8775P
• SA9000P
• SD 8 Gen1 5G
• SD865 5G
• SM4125
• SM6370
• SRV1H
• SRV1L
• SRV1M
• SSG2115P
• SSG2125P
• SW5100
• SW5100P
• SXR1230P
• SXR2130
• TalynPlus
• W5+ Gen 1 Wearable Platform
• WCD9326
• WCD9335
• WCD9370
• WCD9375
• WCD9380
• WCD9385
• WCN3910
• WCN3950
• WCN3980
• WCN3988
• WSA8810
• WSA8815
• WSA8830
• WSA8832
• WSA8835
• X55 5G Modem-RF System
• XR2 5G Platform

License

• commercial

Website

• Vendor: https://www.qualcomm.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion