CVE ID
CVE-2024-43047
Vulnerability Name
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
- Project: Qualcomm
- Product: *Multiple Chipsets *
Date
- Date Added: 2024-10-08
- Due Date: 2024-10-29
Description
Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Additional Notes
https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43047
Related Security News
- Android gets patches for Qualcomm flaws exploited in attacks
- Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
- Qualcomm fixes three Adreno GPU zero-days exploited in attacks
- Google fixes Android zero-days exploited in attacks, 60 other flaws
- Google fixes Android zero-day exploited by Serbian authorities
- Google fixes Android kernel zero-day exploited in attacks
- New Android NoviSpy spyware linked to Qualcomm zero-day bugs
- Google fixes two Android zero-days used in targeted attacks
- Google patches actively exploited Android vulnerability (CVE-2024-43093)
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
Top comments (0)