Memory Corruption Vulnerability in Qualcomm IOCTLs
CVE-2024-45578

7.8HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 6 May 2025

What is CVE-2024-45578?

A memory corruption vulnerability has been identified in Qualcomm's handling of IOCTLs during the validation of IFE output resource IDs. This issue arises when acquiring and updating IOCTLs, leading to potential unauthorized access and instability within affected systems. Users are advised to apply the available security updates to mitigate any risks associated with this vulnerability.

Affected Version(s)

Snapdragon Snapdragon Compute FastConnect 6900

Snapdragon Snapdragon Compute FastConnect 7800

Snapdragon Snapdragon Compute SDM429W

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2025
Vulnerability Reserved
Sep 2, 2024