CVE-2024-21464

HIGH 8.4

Buffer Copy Without Checking Size of Input in Data Network Stack & Connectivity

CVSS Score

8.4

EPSS Score

0.0%

EPSS Percentile

0th

Memory corruption while processing IPA statistics, when there are no active clients registered.

CWE	CWE-120
Vendor	qualcomm, inc.
Product	snapdragon
Published	Jan 6, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for qualcomm, inc. snapdragon

Be the first to know when new high vulnerabilities affecting qualcomm, inc. snapdragon are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Qualcomm, Inc. / Snapdragon

FastConnect 6700 FastConnect 6900 FastConnect 7800 QCM4490 QCS4490 Snapdragon 8 Gen 3 Mobile Platform Snapdragon 8+ Gen 1 Mobile Platform TalynPlus WCD9370 WCD9390 WCD9395 WCN3950 WCN6740 WSA8810 WSA8815 WSA8830 WSA8832 WSA8835 WSA8840 WSA8845 WSA8845H

References

NVD ↗ CVE.org ↗ EPSS Data ↗

docs.qualcomm.com: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html