CVE-2024-43057
Published: 03 March 2025
Summary
CVE-2024-43057 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Qcn6224 Firmware. Its CVSS base score is 7.8 (High).
Operationally, it ranks at the 35.4th percentile for exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Requires timely remediation of flaws like this use-after-free vulnerability through application of vendor patches from the Qualcomm March 2025 security bulletin.
- Implements memory protection mechanisms such as ASLR, DEP/NX, and stack canaries that directly mitigate use-after-free memory corruption exploitation.
- Enforces least privilege to limit the privileges of the low-privilege local attacker and the affected Glink Linux process, reducing the potential impact of arbitrary code execution.
NVD Description
Memory corruption while processing command in Glink linux.
Deeper analysis
CVE-2024-43057 is a memory corruption vulnerability, classified under CWE-416 (Use After Free), that occurs while processing a command in Glink Linux. It affects Qualcomm products, as detailed in the vendor's security bulletin, and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant confidentiality, integrity, and availability impacts.
The vulnerability can be exploited by a local attacker with low privileges who has access to the affected system. Exploitation requires low complexity and no user interaction, allowing the attacker to trigger memory corruption during command processing in Glink Linux. Successful exploitation could result in high-impact outcomes, including arbitrary code execution, data tampering, or system denial of service within the local scope.
Qualcomm has addressed this issue in their March 2025 security bulletin, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html, which provides details on affected products and recommended patches or mitigations for security practitioners to apply.
Details
- CWE(s)