Memory Corruption Flaw in Qualcomm Devices Due to Improper Synchronization
CVE-2024-43062

7.8HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 3 March 2025

Summary

This vulnerability involves memory corruption resulting from inadequate locking mechanisms and checks on the Direct Memory Access (DMA) fence, compounded by improper synchronization practices. This issue may allow attackers to exploit the weaknesses, potentially leading to unauthorized access or control over affected devices. Ensuring robust memory management practices and applying relevant patches is essential for safeguarding against such vulnerabilities.

Affected Version(s)

Snapdragon Snapdragon Compute FastConnect 6900

Snapdragon Snapdragon Compute FastConnect 7800

Snapdragon Snapdragon Compute SDM429W

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 3, 2025
Vulnerability Reserved
Aug 5, 2024