Description
Memory corruption while triggering commands in the PlayReady Trusted application.
Product(s):
- Qualcomm AR8035 Firmware
- Qualcomm FASTCONNECT 6200 FIRMWARE -
- Qualcomm Fastconnect 6700 Firmware -
- Qualcomm Fastconnect 6800 Firmware -
- Qualcomm Fastconnect 6900 Firmware -
- Qualcomm FASTCONNECT 7800 FIRMWARE -
- Qualcomm FLIGHT RB5 5G FIRMWARE -
- Qualcomm QAM8255P Firmware
- Qualcomm QAM8295P Firmware
- Qualcomm QAM8620P FIRMWARE
- Qualcomm QAM8650P Firmware
- Qualcomm QAM8775P Firmware
- Qualcomm QAMSRV1H Firmware
- Qualcomm QAMSRV1M Firmware
- Qualcomm QCA6174A Firmware
- Qualcomm QCA6391 Firmware -
- Qualcomm QCA6421 Firmware
- Qualcomm QCA6426 Firmware
- Qualcomm QCA6431 Firmware
- Qualcomm QCA6436 Firmware
- Qualcomm QCA6564 Firmware
- Qualcomm QCA6564A Firmware
- Qualcomm QCA6564AU Firmware
- Qualcomm QCA6574 Firmware
- Qualcomm QCA6574A Firmware
- Qualcomm QCA6574AU Firmware
- Qualcomm QCA6584AU Firmware
- Qualcomm QCA6595 Firmware
- Qualcomm QCA6595AU Firmware
- Qualcomm QCA6678AQ FIRMWARE -
- Qualcomm QCA6688AQ Firmware
- Qualcomm QCA6696 Firmware
- Qualcomm QCA6698AQ FIRMWARE -
- Qualcomm QCA6797AQ Firmware
- Qualcomm QCA8081 Firmware
- Qualcomm QCA8337 Firmware
- Qualcomm QCC710 Firmware
- Qualcomm QCM5430 Firmware
- Qualcomm QCM6490 Firmware
- Qualcomm QCM8550 Firmware
- Qualcomm QCN6224 Firmware
- Qualcomm QCN6274 Firmware
- Qualcomm QCN9011 Firmware
- Qualcomm QCN9012 Firmware
- Qualcomm QCN9274 Firmware
- Qualcomm QCS5430 Firmware
- Qualcomm QCS615 Firmware
- Qualcomm QCS6490 Firmware
- Qualcomm QCS7230 Firmware
- Qualcomm QCS8155 Firmware
- Qualcomm QCS8250 Firmware
- Qualcomm QCS8300 Firmware
- Qualcomm QCS8550 Firmware
- Qualcomm QCS9100 Firmware
- Qualcomm QDU1000 Firmware
- Qualcomm QDU1010 Firmware
- Qualcomm QDU1110 Firmware
- Qualcomm QDU1210 Firmware
- Qualcomm QDX1010 Firmware
- Qualcomm QDX1011 Firmware
- Qualcomm QEP8111 Firmware
- Qualcomm QFW7114 Firmware
- Qualcomm QFW7124 Firmware
- Qualcomm QMP1000 Firmware
- Qualcomm QRB5165M Firmware
- Qualcomm QRB5165N Firmware
- Qualcomm QRU1032 Firmware
- Qualcomm QRU1052 Firmware
- Qualcomm QRU1062 Firmware
- Qualcomm QSM8250 Firmware
- Qualcomm QSM8350 Firmware
- Qualcomm ROBOTICS RB5 FIRMWARE -
- Qualcomm SA4150P Firmware
- Qualcomm SA4155P Firmware
- Qualcomm SA6145P Firmware
- Qualcomm SA6150P Firmware
- Qualcomm SA6155 FIRMWARE
- Qualcomm SA6155P Firmware
- Qualcomm SA7255P FIRMWARE
- Qualcomm SA7775P FIRMWARE
- Qualcomm SA8145P Firmware
- Qualcomm SA8150P Firmware
- Qualcomm SA8155 Firmware
- Qualcomm SA8155P Firmware -
- Qualcomm SA8195P Firmware
- Qualcomm SA8255P Firmware
- Qualcomm SA8295P Firmware
- Qualcomm SA8530P FIRMWARE
- Qualcomm SA8540p Firmware
- Qualcomm SA8620P FIRMWARE
- Qualcomm SA8650P Firmware
- Qualcomm SA8770P Firmware
- Qualcomm SA8775P Firmware
- Qualcomm SA9000p Firmware
- Qualcomm SC8280XP-ABBB Firmware
- Qualcomm SC8380XP Firmware
- Qualcomm SD670 Firmware
- Qualcomm SD865 5G Firmware
- Qualcomm SD 8 Gen1 5G Firmware
- Qualcomm SDM429W Firmware
- +81 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2024-49844, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2024-49844 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.
References:
- http://webappsec.pbworks.com/Improper-Input-Handling
- https://capec.mitre.org/data/definitions/10.html
- https://capec.mitre.org/data/definitions/101.html
- https://capec.mitre.org/data/definitions/104.html
- https://capec.mitre.org/data/definitions/108.html
- https://capec.mitre.org/data/definitions/109.html
- https://capec.mitre.org/data/definitions/110.html
- https://capec.mitre.org/data/definitions/120.html
- https://capec.mitre.org/data/definitions/13.html
- https://capec.mitre.org/data/definitions/135.html
- https://capec.mitre.org/data/definitions/136.html
- https://capec.mitre.org/data/definitions/14.html
- https://capec.mitre.org/data/definitions/153.html
- https://capec.mitre.org/data/definitions/182.html
- https://capec.mitre.org/data/definitions/209.html
- https://capec.mitre.org/data/definitions/22.html
- https://capec.mitre.org/data/definitions/23.html
- https://capec.mitre.org/data/definitions/230.html
- https://capec.mitre.org/data/definitions/231.html
- https://capec.mitre.org/data/definitions/24.html
- https://capec.mitre.org/data/definitions/250.html
- https://capec.mitre.org/data/definitions/261.html
- https://capec.mitre.org/data/definitions/267.html
- https://capec.mitre.org/data/definitions/28.html
- https://capec.mitre.org/data/definitions/3.html
- https://capec.mitre.org/data/definitions/31.html
- https://capec.mitre.org/data/definitions/42.html
- https://capec.mitre.org/data/definitions/43.html
- https://capec.mitre.org/data/definitions/45.html
- https://capec.mitre.org/data/definitions/46.html
- https://capec.mitre.org/data/definitions/47.html
- https://capec.mitre.org/data/definitions/473.html
- https://capec.mitre.org/data/definitions/52.html
- https://capec.mitre.org/data/definitions/53.html
- https://capec.mitre.org/data/definitions/588.html
- https://capec.mitre.org/data/definitions/63.html
- https://capec.mitre.org/data/definitions/64.html
- https://capec.mitre.org/data/definitions/664.html
- https://capec.mitre.org/data/definitions/67.html
- https://capec.mitre.org/data/definitions/7.html
- https://capec.mitre.org/data/definitions/71.html
- https://capec.mitre.org/data/definitions/72.html
- https://capec.mitre.org/data/definitions/73.html
- https://capec.mitre.org/data/definitions/78.html
- https://capec.mitre.org/data/definitions/79.html
- https://capec.mitre.org/data/definitions/8.html
- https://capec.mitre.org/data/definitions/80.html
- https://capec.mitre.org/data/definitions/81.html
- https://capec.mitre.org/data/definitions/83.html
- https://capec.mitre.org/data/definitions/85.html
- https://capec.mitre.org/data/definitions/88.html
- https://capec.mitre.org/data/definitions/9.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-49844