Cyber Posture

CVE-2024-38412

Medium

Published: 03 February 2025

Published
03 February 2025
Modified
05 February 2025
KEV Added
Patch
CVSS Score 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
EPSS Score 0.0008 23.0th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-38412 is a medium-severity Use After Free (CWE-416) vulnerability in Qualcomm Fastconnect 7800 Firmware. Its CVSS base score is 6.6 (Medium).

Operationally, ranked at the 23.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mitigates CVE-2024-38412 by requiring timely application of vendor patches to remediate the Use After Free vulnerability in the IOCTL handler.

SI-16 Memory Protection good match
prevent

Kernel memory protections such as address space randomization and guard pages prevent exploitation of the Use After Free memory corruption during user-to-kernel IOCTL calls.

SI-10 Information Input Validation partial match
prevent

Validates user-space inputs to IOCTL calls, reducing the risk of triggering the memory corruption in session error handling code.

NVD Description

Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.

Deeper analysisAI

CVE-2024-38412 is a memory corruption vulnerability classified under CWE-416 (Use After Free), occurring while invoking IOCTL calls from user-space to kernel-space to handle session errors. It affects Qualcomm components, as documented in their security advisories.

The vulnerability carries a CVSS v3.1 base score of 6.6 (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L). A local attacker with low privileges can exploit it with low attack complexity and no user interaction required. Successful exploitation enables low-impact confidentiality and availability violations alongside high-impact integrity violations, potentially allowing data tampering or limited code execution in kernel space.

Qualcomm's February 2025 security bulletin, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html, details affected products and recommends applying available patches for mitigation.

Details

CWE(s)
CWE-416

Affected Products

qualcomm
fastconnect 7800 firmware
all versions
qualcomm
snapdragon 8 gen 3 mobile firmware
all versions
qualcomm
wcd9390 firmware
all versions
qualcomm
wcd9395 firmware
all versions
qualcomm
wsa8840 firmware
all versions
qualcomm
wsa8845 firmware
all versions
qualcomm
wsa8845h firmware
all versions

CVEs Like This One

CVE-2024-38413Same product: Qualcomm Fastconnect 7800
CVE-2024-33059Same product: Qualcomm Fastconnect 7800
CVE-2024-38411Same product: Qualcomm Fastconnect 7800
CVE-2024-33055Same product: Qualcomm Fastconnect 7800
CVE-2025-47358Same product: Qualcomm Fastconnect 7800
CVE-2024-45580Same product: Qualcomm Fastconnect 7800
CVE-2026-21380Same product: Qualcomm Fastconnect 7800
CVE-2025-47359Same product: Qualcomm Fastconnect 7800
CVE-2024-53023Same product: Qualcomm Fastconnect 7800
CVE-2024-45553Same product: Qualcomm Fastconnect 7800

References