2025-01-06 13:03:43 +00:00
{
"id" : "CVE-2024-23366" ,
"sourceIdentifier" : "product-security@qualcomm.com" ,
"published" : "2025-01-06T11:15:07.977" ,
2025-01-10 19:03:46 +00:00
"lastModified" : "2025-01-10T17:20:45.130" ,
"vulnStatus" : "Analyzed" ,
2025-01-06 13:03:43 +00:00
"cveTags" : [ ] ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size."
2025-01-10 19:03:46 +00:00
} ,
{
"lang" : "es" ,
"value" : "Divulgaci\u00f3n de informaci\u00f3n al invocar la API de escritura del buz\u00f3n cuando el mensaje recibido del usuario es mayor que el tama\u00f1o del buz\u00f3n."
2025-01-06 13:03:43 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "product-security@qualcomm.com" ,
2025-01-10 19:03:46 +00:00
"type" : "Secondary" ,
2025-01-06 13:03:43 +00:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" ,
"baseScore" : 6.6 ,
"baseSeverity" : "MEDIUM" ,
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "LOW" ,
"availabilityImpact" : "LOW"
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 4.7
2025-01-10 19:03:46 +00:00
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" ,
"baseScore" : 5.5 ,
"baseSeverity" : "MEDIUM" ,
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
"availabilityImpact" : "NONE"
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 3.6
2025-01-06 13:03:43 +00:00
}
]
} ,
"weaknesses" : [
{
"source" : "product-security@qualcomm.com" ,
2025-01-10 19:03:46 +00:00
"type" : "Secondary" ,
2025-01-06 13:03:43 +00:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-126"
}
]
2025-01-10 19:03:46 +00:00
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-125"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3723C7B1-A7E2-401F-8D6D-189350F6BCA5"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B12B89EF-7B12-481E-BCBC-F12B9D16321A"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C2D9E281-B382-41AC-84CB-5B1063E5AC51"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "295E75BD-2A6C-4A76-A376-A9977DDB17FF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BD37AA1A-B911-45BF-9BCC-C772FA83E657"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "49B2DF91-BE6B-4E9E-B63C-98DADD29AD6B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "58170126-928F-4AE5-B5AF-5ED4710F9BA2"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F8673334-5E11-4E95-B33D-3029499F71DF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "643EC76D-2836-48E6-81DA-78C4883C33CA"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "477F6529-4CE1-44FC-B6EE-D24D44C71AE7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "288F637F-22F8-47CF-B67F-C798A730A1BD"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D0996EA3-1C92-4933-BE34-9CF625E59FE7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0AE207DB-9770-40ED-961D-FDA75965826F"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0E23922D-C37F-476F-A623-4C1458A9156F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B3F7853D-09EE-476F-B48D-BB30AEB4A67D"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EC6E268D-C4AF-4950-9223-39EA36D538A8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2A19659B-A0C3-44B7-8D54-BA21729873A4"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F978041A-CE28-4BDF-A7DB-F0360F1A5F14"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8FE8B62D-83B4-4326-8A53-FED5947D5FFE"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2D6F8899-136A-4A57-9F02-BD428E1663DA"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E0E807AA-5646-48AD-9A5C-B0B13E222AA9"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sa8650p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "45FBB72B-B850-4E3F-ACBB-9392157FF131"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "781CCC31-C08F-499B-BE73-6C7DB70437AF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "75AFAA21-0589-4C6A-9418-34EE8A61BBAD"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1C79595B-1259-4431-96F9-C5A24E624305"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sa8775p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F2F3431-9CD7-4D4F-833D-DD4D3ACF94C7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A024AB04-B213-4018-A4C1-FA467C7BA775"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A2A8AB7C-5D34-4794-8C06-2193075B323F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0CD199F5-DA68-4BEB-AA99-11572DA26B4F"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303"
}
]
}
]
2025-01-06 13:03:43 +00:00
}
] ,
"references" : [
{
"url" : "https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html" ,
2025-01-10 19:03:46 +00:00
"source" : "product-security@qualcomm.com" ,
"tags" : [
"Vendor Advisory"
]
2025-01-06 13:03:43 +00:00
}
]
}
