Cyber Resilience

CVE-2024-43057

High

Published: 03 March 2025

Published
03 March 2025
Modified
11 August 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0015 35.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-43057 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Qcn6224 Firmware. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 35.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-43057 is a memory corruption vulnerability, classified under CWE-416 (Use After Free), that occurs while processing a command in Glink Linux. It affects Qualcomm products, as detailed in the vendor's security bulletin, and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant confidentiality, integrity, and availability impacts.

The vulnerability can be exploited by a local attacker with low privileges who has access to the affected system. Exploitation requires low complexity and no user interaction, allowing the attacker to trigger memory corruption during command processing in Glink Linux. Successful exploitation could result in high-impact outcomes, including arbitrary code execution, data tampering, or system denial of service within the local scope.

Qualcomm has addressed this issue in their March 2025 security bulletin, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html, which provides details on affected products and recommended patches or mitigations for security practitioners to apply.

EU & UK References

Vulnerability details

Memory corruption while processing command in Glink linux.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local use-after-free memory corruption in Qualcomm Glink Linux kernel component directly enables exploitation for privilege escalation from low-privileged local access to arbitrary code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-45571Same product: Qualcomm Ar8035
CVE-2025-47339Same product: Qualcomm Ar8035
CVE-2025-21424Same product: Qualcomm Ar8035
CVE-2024-53023Same product: Qualcomm Ar8035
CVE-2025-47375Same product: Qualcomm Ar8035
CVE-2025-47386Same product: Qualcomm Ar8035
CVE-2025-47376Same product: Qualcomm Ar8035
CVE-2025-47379Same product: Qualcomm Ar8035
CVE-2025-47377Same product: Qualcomm Ar8035
CVE-2026-24082Same product: Qualcomm Ar8035

Affected Assets

qualcomm
qcn6224 firmware
all versions
qualcomm
qcn6274 firmware
all versions
qualcomm
qcn6402 firmware
all versions
qualcomm
qcn6412 firmware
all versions
qualcomm
qcn6422 firmware
all versions
qualcomm
qcn6432 firmware
all versions
qualcomm
qcn9000 firmware
all versions
qualcomm
qcn9012 firmware
all versions
qualcomm
qcn9022 firmware
all versions
qualcomm
qcn9024 firmware
all versions
+143 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation of flaws like this use-after-free vulnerability through application of vendor patches from the Qualcomm March 2025 security bulletin.

prevent

Implements memory protection mechanisms such as ASLR, DEP/NX, and stack canaries that directly mitigate use-after-free memory corruption exploitation.

prevent

Enforces least privilege to limit the privileges of the low-privilege local attacker and the affected Glink Linux process, reducing potential impact of arbitrary code execution.

References