CVE-2024-43047 - Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Project:Qualcomm
Product:Multiple Chipsets
Date Added:2024-10-08Due Date:2024-10-29
Vulnerability Name
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Description
Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Additional Notes
https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2
https://nvd.nist.gov/vuln/detail/CVE-2024-43047
Related News Articles
Google fixes Android zero-day exploited by Serbian authorities March 4, 2025
Google fixes Android kernel zero-day exploited in attacksFebruary 4, 2025
New Android NoviSpy spyware linked to Qualcomm zero-day bugsDecember 16, 2024
Google fixes two Android zero-days used in targeted attacksNovember 5, 2024
Google patches actively exploited Android vulnerability (CVE-2024-43093)November 5, 2024
