Memory corruption while redirecting log file to any file location with any file name.
The error results from improper input data validation (CWE-20) during the operation of redirecting an event log file to any location and under any file name. Insufficient control of passed parameters leads to memory corruption. The attack can be performed remotely, without authentication and without user interaction.
An attacker can gain full control over the vulnerable component, including confidentiality, integrity, and system availability – which corresponds to the ability to execute arbitrary code (RCE) or cause serious device stability violations.
Apply patches available from the vendor according to the references – detailed information about fixes is contained in Qualcomm's October 2024 security bulletin: https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html
Qualcomm Snapdragon X65 5G Modem-RF System (firmware), Qualcomm SDX65M (firmware), Qualcomm SDX55 (firmware) – exact versions indicated in vendor references (Qualcomm October 2024 bulletin)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HQualcomm Ipq8076
HWQualcommwszystkie wersjeQualcomm Ipq8076a
HWQualcommwszystkie wersjeQualcomm Ipq8076a Firmware
OSQualcommwszystkie wersjeQualcomm Ipq8076 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq8078
HWQualcommwszystkie wersjeQualcomm Ipq8078a
HWQualcommwszystkie wersjeQualcomm Ipq8078a Firmware
OSQualcommwszystkie wersjeQualcomm Ipq8078 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq8173
HWQualcommwszystkie wersjeQualcomm Ipq8173 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq8174
HWQualcommwszystkie wersjeQualcomm Ipq8174 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq9008
HWQualcommwszystkie wersjeQualcomm Ipq9008 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq9554
HWQualcommwszystkie wersjeQualcomm Ipq9554 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq9574
HWQualcommwszystkie wersjeQualcomm Ipq9574 Firmware
OSQualcommwszystkie wersjeQualcomm Qca4024
HWQualcommwszystkie wersjeQualcomm Qca4024 Firmware
OSQualcommwszystkie wersjeQualcomm Qca8075
HWQualcommwszystkie wersjeQualcomm Qca8075 Firmware
OSQualcommwszystkie wersjeQualcomm Qca8081
HWQualcommwszystkie wersjeQualcomm Qca8081 Firmware
OSQualcommwszystkie wersjeQualcomm Qca8082
HWQualcommwszystkie wersjeQualcomm Qca8082 Firmware
OSQualcommwszystkie wersjeQualcomm Qca8084
HWQualcommwszystkie wersjeQualcomm Qca8084 Firmware
OSQualcommwszystkie wersjeQualcomm Qca8085
HWQualcommwszystkie wersjeQualcomm Qca8085 Firmware
OSQualcommwszystkie wersje
Related vulnerabilities
Qualcomm Firmware — memory corruption przy wyborze PLMN z listy SOR
Qualcomm: podatność kryptograficzna umożliwiająca Auth Bypass podczas pobierania
Qualcomm: Uszkodzenie pamięci przy parsowaniu ML IE w firmware
Uszkodzenie pamięci w TZ Secure OS podczas inicjalizacji Tunnel Invoke Manager (Qualcomm)
Qualcomm Hypervisor – buffer overflow przez niezalignowane dane platformy