2024-11-26
Platform: Qualcomm Multi-mode Call Processor
Version: Not Applicable (Affects All Versions)
Vulnerability: Denial-of-Service (DoS)
Severity: Medium
Date: August 5, 2024 (Published), November 26, 2024 (Updated)
What Undercode Says:
This article describes a vulnerability (CVE-2024-23350) in a Qualcomm multi-mode call processor that can be exploited to cause a Denial-of-Service (DoS) condition. The DoS occurs when the device receives a specific combination of network messages. While the details of the exploit aren’t publicly available, it’s classified as medium severity.
Here’s a breakdown of the issue:
Vulnerability: The device can crash if it receives specific network messages in a particular sequence. One message must have a failed integrity check, and the other needs to be a Location Positioning Protocol (LPP) message.
Impact: The device can become unresponsive and require a reboot to function again.
It’s important to note that:
The specific requirements to trigger the DoS are not publicly available.
Qualcomm has likely addressed this vulnerability in their latest updates.
What to do:
Keep your Android device updated with the latest security patches from your manufacturer.
If you suspect your device is experiencing DoS attacks, consult a security professional for assistance.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help