CVE-2024-23378 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

🗓️ 07 Oct 2024 12:58:48Reported by qualcommType

Buffer overflow in Audio IOCTL cal

Reporter	Title	Published	Views	Family All 7
CNNVD	Qualcomm Chipsets 安全漏洞	7 Oct 202400:00	–	cnnvd
CVE	CVE-2024-23378	7 Oct 202412:58	–	cve
EUVD	EUVD-2024-20882	3 Oct 202520:07	–	euvd
NVD	CVE-2024-23378	7 Oct 202413:15	–	nvd
Positive Technologies	PT-2024-19853	7 Oct 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-23378	23 May 202508:45	–	redhatcve
Vulnrichment	CVE-2024-23378 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio	7 Oct 202412:58	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "QAM8255P"
      },
      {
        "status": "affected",
        "version": "QAM8650P"
      },
      {
        "status": "affected",
        "version": "QAM8775P"
      },
      {
        "status": "affected",
        "version": "QAMSRV1H"
      },
      {
        "status": "affected",
        "version": "QAMSRV1M"
      },
      {
        "status": "affected",
        "version": "QCA6584AU"
      },
      {
        "status": "affected",
        "version": "QCA6698AQ"
      },
      {
        "status": "affected",
        "version": "SA7255P"
      },
      {
        "status": "affected",
        "version": "SA7775P"
      },
      {
        "status": "affected",
        "version": "SA8255P"
      },
      {
        "status": "affected",
        "version": "SA8620P"
      },
      {
        "status": "affected",
        "version": "SA8650P"
      },
      {
        "status": "affected",
        "version": "SA8770P"
      },
      {
        "status": "affected",
        "version": "SA8775P"
      },
      {
        "status": "affected",
        "version": "SA9000P"
      },
      {
        "status": "affected",
        "version": "Snapdragon Auto 5G Modem-RF Gen 2"
      },
      {
        "status": "affected",
        "version": "SRV1H"
      },
      {
        "status": "affected",
        "version": "SRV1M"
      }
    ]
  }
]

Source	Link
docs	www.docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html

07 Oct 2024 12:58Current

CVSS 3.16.7

EPSS0.0011

CWE-120