CVE-2024-45584
Published: 03 February 2025
Summary
CVE-2024-45584 is a high-severity Untrusted Pointer Dereference (CWE-822) vulnerability in Qualcomm Ar8035 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 29.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2024-45584 is a memory corruption vulnerability associated with CWE-822 (Untrusted Pointer Dereference) and CWE-119 (Buffer Overflow). It occurs when a compatibility IOCTL call is followed by a normal IOCTL call from userspace. The vulnerability affects Qualcomm products, as outlined in their February 2025 security bulletin, and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). It was published on 2025-02-03.
A local attacker with low privileges can exploit this issue with low attack complexity and no user interaction. Exploitation leads to high impacts on confidentiality, integrity, and availability, enabling potential arbitrary code execution, data tampering, or denial of service within the affected system scope.
The Qualcomm February 2025 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html provides details on mitigation, including identification of affected products and recommended patches or updates.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-41760
Vulnerability details
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local memory corruption in IOCTL handling directly enables kernel-level arbitrary code execution from low-privileged context, mapping to exploitation for privilege escalation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Implements memory safeguards such as address space randomization and data execution prevention to directly mitigate untrusted pointer dereferences and buffer overflows in kernel IOCTL handling.
Requires validation of userspace IOCTL inputs to prevent memory corruption from invalid pointers and buffer overflows triggered by compat followed by normal IOCTL calls.
Mandates timely identification, reporting, and patching of flaws like CVE-2024-45584 as detailed in the Qualcomm February 2025 security bulletin.