Memory Corruption Vulnerability in GPU Page Table Switch Handling
CVE-2024-38423 Published on November 4, 2024

Buffer Copy Without Checking Size of Input in Graphics Linux
Memory corruption while processing GPU page table switch.

NVD

Vulnerability Analysis

CVE-2024-38423 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is a Classic Buffer Overflow Vulnerability?

The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold, or when a program attempts to put data in a memory area outside of the boundaries of a buffer. The simplest type of error, and the most common cause of buffer overflows, is the "classic" case in which the program copies the buffer without restricting how much is copied. Other variants exist, but the existence of a classic overflow strongly suggests that the programmer is not considering even the most basic of security protections.

CVE-2024-38423 has been classified to as a Classic Buffer Overflow vulnerability or weakness.


Products Associated with CVE-2024-38423

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-38423 are published in these products:

 
 

Affected Versions

Qualcomm, Inc. Snapdragon: qualcomm 315_5g_iot_modem_firmware: qualcomm 9206_lte_modem_firmware: qualcomm apq8017_firmware: qualcomm apq8064au_firmware: qualcomm aqt1000_firmware: qualcomm ar8031_firmware: qualcomm ar8035_firmware: qualcomm c-v2x_9150_firmware: qualcomm csra6620_firmware: qualcomm csra6640_firmware: qualcomm csrb31024_firmware: qualcomm fastconnect_6200_firmware: qualcomm fastconnect_6700_firmware: qualcomm fastconnect_6800_firmware: qualcomm fastconnect_6900_firmware: qualcomm flight_rb5_5g_platform_firmware: qualcomm mdm9250_firmware: qualcomm mdm9628_firmware: qualcomm mdm9650_firmware: qualcomm msm8108_firmware: qualcomm msm8209_firmware: qualcomm msm8608_firmware: qualcomm msm8909w_firmware: qualcomm msm8996au_firmware: qualcomm qam8295p_firmware: qualcomm qca6174_firmware: qualcomm qca6174a_firmware: qualcomm qca6310_firmware: qualcomm qca6320_firmware: qualcomm qca6335_firmware: qualcomm qca6391_firmware: qualcomm qca6420_firmware: qualcomm qca6421_firmware: qualcomm qca6426_firmware: qualcomm qca6430_firmware: qualcomm qca6431_firmware: qualcomm qca6436_firmware: qualcomm qca6564_firmware: qualcomm qca6564a_firmware: qualcomm qca6564au_firmware: qualcomm qca6574_firmware: qualcomm qca6574a_firmware: qualcomm qca6574au_firmware: qualcomm qca6584au_firmware: qualcomm qca6595_firmware: qualcomm qca6595au_firmware: qualcomm qca6696_firmware: qualcomm qca6698aq_firmware: qualcomm qca8081_firmware: qualcomm qca8337_firmware: qualcomm qca9367_firmware: qualcomm qca9377_firmware: qualcomm qcm2150_firmware: qualcomm qcm2290_firmware: qualcomm qcm4290_firmware: qualcomm qcm6125_firmware: qualcomm qcm6490_firmware: qualcomm qcn6024_firmware: qualcomm qcn9011_firmware: qualcomm qcn9012_firmware: qualcomm qcn9024_firmware: qualcomm qcn9074_firmware: qualcomm qcs2290_firmware: qualcomm qcs410_firmware: qualcomm qcs4290_firmware: qualcomm qcs610_firmware: qualcomm qcs6125_firmware: qualcomm qcs6490_firmware: qualcomm qcs8155_firmware: qualcomm qrb5165m_firmware: qualcomm qrb5165n_firmware: qualcomm qsm8250_firmware: qualcomm_205_mobile_platform_firmware: qualcomm_215_mobile_platform_firmware: qualcomm_video_collaboration_vc1_platform_firmware: qualcomm_video_collaboration_vc3_platform_firmware: qualcomm robotics_rb3_platform_firmware: qualcomm robotics_rb5_platform_firmware: qualcomm sa4150p_firmware: qualcomm sa4155p_firmware: qualcomm sa6145p_firmware: qualcomm sa6150p_firmware: qualcomm sa6155_firmware: qualcomm sa6155p_firmware: qualcomm sa8145p_firmware: qualcomm sa8150p_firmware: qualcomm sa8155_firmware: qualcomm sa8155p_firmware: qualcomm sa8195p_firmware: qualcomm sa8295p_firmware: qualcomm sa8530p_firmware: qualcomm sa8540p_firmware: qualcomm sa9000p_firmware: qualcomm sd_675_firmware: qualcomm sd626_firmware: qualcomm sd660_firmware: qualcomm sd670_firmware: qualcomm sd675_firmware: qualcomm sd730_firmware: qualcomm sd835_firmware: qualcomm sd855_firmware: qualcomm sd865_5g_firmware: qualcomm sdm429w_firmware: qualcomm sdx20m_firmware: qualcomm sdx55_firmware: qualcomm sdx61_firmware: qualcomm sm4125_firmware: qualcomm sm6250_firmware: qualcomm sm6370_firmware: qualcomm sm7250p_firmware: qualcomm smart_audio_200_platform_firmware: qualcomm smart_audio_400_platform_firmware: qualcomm snapdragon_1200_wearable_platform_firmware: qualcomm snapdragon_208_processor_firmware: qualcomm snapdragon_210_processor_firmware: qualcomm snapdragon_212_mobile_platform_firmware: qualcomm snapdragon_4_gen_1_mobile_platform_firmware: qualcomm snapdragon_425_mobile_platform_firmware: qualcomm snapdragon_429_mobile_platform_firmware: qualcomm snapdragon_439_mobile_platform_firmware: qualcomm snapdragon_460_mobile_platform_firmware: qualcomm snapdragon_480_5g_mobile_platform_firmware: qualcomm snapdragon_625_mobile_platform_firmware: qualcomm snapdragon_626_mobile_platform_firmware: qualcomm snapdragon_630_mobile_platform_firmware: qualcomm snapdragon_632_mobile_platform_firmware: qualcomm snapdragon_636_mobile_platform_firmware: qualcomm snapdragon_660_mobile_platform_firmware: qualcomm snapdragon_662_mobile_platform_firmware: qualcomm snapdragon_670_mobile_platform_firmware: qualcomm snapdragon_675_mobile_platform_firmware: qualcomm snapdragon_680_4g_mobile_platform_firmware: qualcomm snapdragon_690_5g_mobile_platform_firmware: qualcomm snapdragon_695_5g_mobile_platform_firmware: qualcomm snapdragon_710_mobile_platform_firmware: qualcomm snapdragon_720g_mobile_platform_firmware: qualcomm snapdragon_750g_5g_mobile_platform_firmware: qualcomm snapdragon_820_automotive_platform_firmware: qualcomm snapdragon_835_mobile_pc_platform_firmware: qualcomm snapdragon_845_mobile_platform_firmware: qualcomm snapdragon_855_mobile_platform_firmware: qualcomm snapdragon_865_5g_mobile_platform_firmware: qualcomm snapdragon_888_5g_mobile_platform_firmware: qualcomm snapdragon_auto_5g_modem-rf_firmware: qualcomm snapdragon_wear_2100_platform_firmware: qualcomm snapdragon_wear_2500_platform_firmware: qualcomm snapdragon_wear_3100_platform_firmware: qualcomm snapdragon_x12_lte_modem_firmware: qualcomm snapdragon_x20_lte_modem_firmware: qualcomm snapdragon_x5_lte_modem_firmware: qualcomm snapdragon_x50_5g_modem-rf_system_firmware: qualcomm snapdragon_x55_5g_modem-rf_system_firmware: qualcomm snapdragon_x62_5g_modem-rf_system_firmware: qualcomm snapdragon_x65_5g_modem-rf_system_firmware: qualcomm snapdragon_xr1_platform_firmware: qualcomm snapdragon_xr2_5g_platform_firmware: qualcomm snapdragon_auto_4g_modem_firmware: qualcomm sw5100_firmware: qualcomm sw5100p_firmware: qualcomm sxr1120_firmware: qualcomm sxr2130_firmware: qualcomm vision_intelligence_300_platform_firmware: qualcomm vision_intelligence_400_platform_firmware: qualcomm wcd9326_firmware: qualcomm wcd9330_firmware: qualcomm wcd9335_firmware: qualcomm wcd9340_firmware: qualcomm wcd9341_firmware: qualcomm wcd9370_firmware: qualcomm wcd9371_firmware: qualcomm wcd9375_firmware: qualcomm wcd9380_firmware: qualcomm wcd9385_firmware: qualcomm wcn3610_firmware: qualcomm wcn3615_firmware: qualcomm wcn3620_firmware: qualcomm wcn3660b_firmware: qualcomm wcn3680_firmware: qualcomm wcn3680b_firmware: qualcomm wcn3910_firmware: qualcomm wcn3950_firmware: qualcomm wcn3980_firmware: qualcomm wcn3988_firmware: qualcomm wcn3990_firmware: qualcomm wsa8810_firmware: qualcomm wsa8815_firmware: qualcomm wsa8830_firmware: qualcomm wsa8835_firmware:

Exploit Probability

EPSS
0.20%
Percentile
41.88%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.