CVE-2024-38413 MEDIUM

CVE-2024-38413: Improper Input Validation in Computer Vision

Vendor Qualcomm, Inc.

Product Snapdragon

Weakness CWE-20 · Input validation

Published February 3, 2025

Last update February 3, 2025

View on NVD All CVEs

CVSS base score

6.6/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

What the vulnerability does

01Description

Memory corruption while processing frame packets.

Key dates

02Disclosure timeline

February 3, 2025 CVE published

February 3, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-38413 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

Identifiers

CVE CVE-2024-38413

CWE CWE-20

CVSS 6.6 / MEDIUM

Affected versions

Vendor Qualcomm, Inc.

Product Snapdragon

Affected FastConnect 7800

Vendor Qualcomm, Inc.

Product Snapdragon

Affected Snapdragon 8 Gen 3 Mobile Platform

Vendor Qualcomm, Inc.

Product Snapdragon

Affected WCD9390

Vendor Qualcomm, Inc.

Product Snapdragon

Affected WCD9395

Vendor Qualcomm, Inc.

Product Snapdragon

Affected WSA8840

Vendor Qualcomm, Inc.

Product Snapdragon

Affected WSA8845

Vendor Qualcomm, Inc.

Product Snapdragon

Affected WSA8845H

CVE-2024-38413: Improper Input Validation in Computer Vision

01Description

02Disclosure timeline

03References

04Related CVE