CVE-2024-49840
Published: 03 February 2025
Summary
CVE-2024-49840 is a high-severity Use of Out-of-range Pointer Offset (CWE-823) vulnerability in Qualcomm Fastconnect 6900 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The vulnerability ranks at the 27.1st percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-16 (Memory Protection): Implements memory protections such as address space layout randomization, stack guards, and non-executable memory regions, which raise the cost of turning memory corruption in IOCTL handling (out-of-range pointer offsets, buffer overflows) into code execution; they do not remove the bug.
- SI-10 (Information Input Validation): Requires validation of all user-space inputs to kernel IOCTL interfaces, in particular a bounds check on any user-supplied offset or length before it is applied to a kernel buffer in the FIPS crypto validation path.
- SI-2 (Flaw Remediation): Mandates timely remediation of identified flaws, including applying Qualcomm's patches for this IOCTL memory corruption vulnerability as documented in the February 2025 bulletin.
MITRE ATT&CK Enterprise Techniques
- T1068 Exploitation for Privilege Escalation
Why these techniques?
The flaw is memory corruption in a kernel driver that a local, low-privileged process reaches through an IOCTL, which is exactly the precondition for Exploitation for Privilege Escalation (T1068): a successful exploit yields arbitrary code execution in the kernel or full kernel compromise rather than only a crash.
NVD Description
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.
Deeper analysis
CVE-2024-49840 is a memory corruption vulnerability triggered while invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality. It is classified under CWE-823 (Use of Out-of-range Pointer Offset) and CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer); that pairing describes pointer arithmetic on a valid buffer pointer with an offset that can fall outside the intended range, followed by a read or write through the resulting pointer. The vulnerability affects Qualcomm products, as documented in Qualcomm's public security resources.
The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating that it requires local access with low privileges, has low attack complexity, and needs no user interaction. A local attacker meeting these conditions can exploit the IOCTL interface to trigger memory corruption, with high impact on confidentiality, integrity, and availability, up to arbitrary code execution or kernel compromise. Because the vector is local and needs only low privileges, the practical exposure is the set of local processes permitted to open the driver's device node and issue the IOCTL; device-node permissions and SELinux policy narrow that set but do not fix the bug.
Qualcomm addresses this issue in its February 2025 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html. Security practitioners should review it for the list of affected chipsets, patch references, and mitigation recommendations, and confirm that the corresponding firmware or kernel update has actually been delivered for the hardware they operate.
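The CWE-823 description above and the input-validation control (SI-10) come down to one check in the IOCTL handler. The following is an added example written for this page; it is not Qualcomm's code and not the actual vulnerable driver. It is a user-space C simulation of an IOCTL handler whose request carries a user-supplied offset and length that are applied to a fixed-size scratch buffer, shown in a vulnerable form that trusts the offset and a hardened form that validates it, together with the classic `offset + len` bounds check that fails on 32-bit wrap. The request struct, buffer sizes, and function names are hypothetical, and the "adjacent kernel object" is simulated with a canary region inside one array so the out-of-bounds write can be observed without undefined behaviour.

```c
/* Added example for this page, not Qualcomm's code: a user-space
 * simulation of an IOCTL handler whose request carries an offset and a
 * length that are applied to a fixed-size kernel scratch buffer.
 * All names, sizes and the request layout are hypothetical. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIPS_BUF_SIZE 64u   /* hypothetical scratch buffer for the FIPS self-test */
#define ARENA_SIZE    128u  /* scratch buffer followed by an "adjacent kernel object" */
#define CANARY        0xA5

/* Hypothetical IOCTL argument, as it would arrive via copy_from_user(). */
struct fips_test_req {
    uint32_t offset;              /* attacker-controlled */
    uint32_t len;                 /* attacker-controlled */
    uint8_t  data[FIPS_BUF_SIZE]; /* attacker-controlled payload */
};

/* Simulated kernel memory: bytes [0, FIPS_BUF_SIZE) are the scratch buffer,
 * bytes [FIPS_BUF_SIZE, ARENA_SIZE) stand in for whatever is allocated next
 * to it. Keeping both in one array lets the bad write land somewhere we can
 * inspect instead of being undefined behaviour. */
struct kmem {
    uint8_t arena[ARENA_SIZE];
};

void kmem_init(struct kmem *k) {
    memset(k->arena, 0, FIPS_BUF_SIZE);
    memset(k->arena + FIPS_BUF_SIZE, CANARY, ARENA_SIZE - FIPS_BUF_SIZE);
}

/* 1 if the neighbouring object still holds its canary pattern, else 0. */
int kmem_neighbor_intact(const struct kmem *k) {
    for (size_t i = FIPS_BUF_SIZE; i < ARENA_SIZE; i++)
        if (k->arena[i] != CANARY)
            return 0;
    return 1;
}

/* Bounds check as it is often (mis)written: offset + len wraps at 2^32, so a
 * huge offset paired with a small len passes. Returns 1 when accepted. */
int req_check_naive(uint32_t offset, uint32_t len) {
    return (uint32_t)(offset + len) <= FIPS_BUF_SIZE;
}

/* Correct check: the offset must lie inside the buffer, and len is bounded by
 * the space remaining after it. The subtraction cannot wrap once offset < size. */
int req_check_hardened(uint32_t offset, uint32_t len) {
    return offset < FIPS_BUF_SIZE && len <= FIPS_BUF_SIZE - offset;
}

/* VULNERABLE (CWE-823 pattern): len is checked, but the user-supplied offset
 * is added to the buffer pointer unchecked, so the resulting pointer can
 * point past the buffer and memcpy corrupts whatever lives there. */
int fips_ioctl_vulnerable(struct kmem *k, const struct fips_test_req *req) {
    if (req->len > FIPS_BUF_SIZE)
        return -EINVAL;
    uint8_t *dst = k->arena + req->offset;    /* out-of-range pointer offset */
    memcpy(dst, req->data, req->len);
    return 0;
}

/* HARDENED: reject the request before doing any pointer arithmetic on it. */
int fips_ioctl_hardened(struct kmem *k, const struct fips_test_req *req) {
    if (!req_check_hardened(req->offset, req->len))
        return -EINVAL;
    memcpy(k->arena + req->offset, req->data, req->len);
    return 0;
}

int main(void) {
    struct kmem k;
    /* Constructed request: offset points 16 bytes past the end of the buffer. */
    struct fips_test_req evil = { .offset = 80, .len = 32 };
    memset(evil.data, 0x41, sizeof evil.data);

    kmem_init(&k);
    int rc = fips_ioctl_vulnerable(&k, &evil);
    printf("vulnerable: rc=%d neighbour intact=%d\n", rc, kmem_neighbor_intact(&k));

    kmem_init(&k);
    rc = fips_ioctl_hardened(&k, &evil);
    printf("hardened:   rc=%d neighbour intact=%d\n", rc, kmem_neighbor_intact(&k));

    printf("naive check accepts offset=0xFFFFFFF0 len=0x20: %d\n",
           req_check_naive(0xFFFFFFF0u, 0x20u));
    return 0;
}
```

The point to take from the hardened check is the order of operations: validate the offset against the buffer size first, then bound the length by what remains, and never compute `buf + offset` or `offset + len` on untrusted values before that validation. Memory protections (SI-16) would make the corrupted write harder to turn into code execution, but only the check removes it.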
Details
- CWE(s)