CVE-2024-33061

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-33061
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.

5.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
History

10 Jan 2025, 16:49

Type Values Removed Values Added
First Time Qualcomm wsa8830 Firmware
Qualcomm
Qualcomm wsa8830
Qualcomm sw5100
Qualcomm wcn3680b Firmware
Qualcomm wcn3980
Qualcomm wcn3988 Firmware
Qualcomm wsa8835
Qualcomm wcn3660b
Qualcomm wcn3660b Firmware
Qualcomm qcs8550
Qualcomm wcn3680b
Qualcomm sw5100p Firmware
Qualcomm sw5100p
Qualcomm wcn3980 Firmware
Qualcomm wsa8835 Firmware
Qualcomm sw5100 Firmware
Qualcomm qcs8550 Firmware
Qualcomm wcn3988
CPE cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 6.8 		v2 : unknown
v3 : 5.5
CWE CWE-126 CWE-125
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html - Patch, Vendor Advisory

06 Jan 2025, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-01-06 11:15

Updated : 2025-01-10 16:49

NVD link : CVE-2024-33061

Mitre link : CVE-2024-33061

JSON object : View

Products Affected

qualcomm

  • qcs8550
  • qcs8550_firmware
  • sw5100_firmware
  • wsa8835
  • wcn3988_firmware
  • wcn3680b_firmware
  • sw5100p_firmware
  • wsa8830
  • wcn3980_firmware
  • wcn3988
  • wcn3660b
  • wsa8830_firmware
  • wsa8835_firmware
  • sw5100
  • wcn3680b
  • wcn3980
  • wcn3660b_firmware
  • sw5100p
CWE
CWE-125

Out-of-bounds Read