CVE-2024-43047
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVSS
—
No CVSS
EPSS
0.7%
p48
KEV
YES
Oct 8, 2024
Exploit Today
64
0-100
Published: — · Last modified: —
Product
Qualcomm / Multiple Chipsets
Vulnerability
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Added to KEV
Oct 8, 2024
Remediate by
Oct 29, 2024
Known ransomware use
No
Summary description
Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.
Required action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Notes
https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43047
No related CVEs by CWE or product.