CVE-2024-38406

high-risk

Published 2024-11-04

Memory corruption while handling IOCTL calls in JPEG Encoder driver.

Do I need to act?

0.16% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Wsa8845H Firmware

Wsa8845 Firmware

Wsa8840 Firmware

Wsa8835 Firmware

Wsa8830 Firmware

Wsa8815 Firmware

Wsa8810 Firmware

Wcn3660B Firmware

Wcn3620 Firmware

Wcd9385 Firmware

Wcd9380 Firmware

Wcd9375 Firmware

Wcd9370 Firmware

Wcd9341 Firmware

Wcd9340 Firmware

Snapdragon 8Cx Gen 3 Compute Platform \(Sc8280Xp-Ab\, Bb\) Firmware

Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180Xp-Aa\, Ab\) Firmware

Snapdragon 8Cx Gen 2 5G Compute Platform \(Sc8180X-Ac\, Af\) \"Poipu Pro\" Firmware

Snapdragon 8Cx Compute Platform \(Sc8180Xp-Ac\, Af\) \"Poipu Pro\" Firmware

Snapdragon 8Cx Compute Platform \(Sc8180X-Aa\, Ab\) Firmware

Qualcomm

Patch https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024...

/ 100

high-risk

Severity 24/34 · High

Exploitability 1/34 · Minimal

Exposure 25/34 · High