CVE-2024-49830 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

🗓️ 06 May 2025 08:32:15Reported by qualcommType

Buffer overflow in Audio causes memory corruption during IOCTL mixer controls call.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2024-49830	6 May 202509:15	–	attackerkb
Circl	CVE-2024-49830	6 May 202513:20	–	circl
CNNVD	Qualcomm Chipsets 安全漏洞	6 May 202500:00	–	cnnvd
CVE	CVE-2024-49830	6 May 202508:32	–	cve
EUVD	EUVD-2025-13538	3 Oct 202520:07	–	euvd
NVD	CVE-2024-49830	6 May 202509:15	–	nvd
Positive Technologies	PT-2025-19860 · Qualcomm · Snapdragon +12	6 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-49830	8 May 202510:11	–	redhatcve
Vulnrichment	CVE-2024-49830 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio	6 May 202508:32	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Snapdragon Auto",
      "Snapdragon Industrial IOT",
      "Snapdragon Wearables"
    ],
    "product": "Snapdragon",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "QCA6574AU"
      },
      {
        "status": "affected",
        "version": "QCA6595AU"
      },
      {
        "status": "affected",
        "version": "QCA6678AQ"
      },
      {
        "status": "affected",
        "version": "QCA6688AQ"
      },
      {
        "status": "affected",
        "version": "QCA6698AQ"
      },
      {
        "status": "affected",
        "version": "QCA9367"
      },
      {
        "status": "affected",
        "version": "QCA9377"
      },
      {
        "status": "affected",
        "version": "SDM429W"
      },
      {
        "status": "affected",
        "version": "Snapdragon 429 Mobile Platform"
      },
      {
        "status": "affected",
        "version": "Snapdragon Auto 5G Modem-RF Gen 2"
      },
      {
        "status": "affected",
        "version": "WCN3620"
      },
      {
        "status": "affected",
        "version": "WCN3660B"
      }
    ]
  }
]

Source	Link
docs	www.docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html

06 May 2025 08:32Current

CVSS 3.16.6

EPSS0.00093

CWE-120