CVE-2024-43047 - Qualcomm Multiple Chipsets Use-After-Free Vulnerability

CVE-2024-43047: Qualcomm | Multiple Chipsets

Date Added:
2024-10-08

Due Date:
2024-10-29

Vulnerability Name: Qualcomm Multiple Chipsets Use-After-Free Vulnerability

Description: Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Additional Notes: https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43047

Related News Articles

Google fixes two Android zero-days used in targeted attacksNovember 5, 2024

Google patches actively exploited Android vulnerability (CVE-2024-43093)November 5, 2024

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android SystemNovember 5, 2024

Qualcomm zero-day under targeted exploitation (CVE-2024-43047)October 8, 2024

Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active ExploitsOctober 8, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard