Memory Corruption Vulnerability in Qualcomm Products
CVE-2024-45580

7.8HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 3 March 2025

Summary

A memory corruption vulnerability has been identified in Qualcomm products that arises from improper handling of multiple IOCTL calls initiated from user space. This flaw could potentially allow malicious entities to exploit the memory management mechanisms, leading to unauthorized access or modification of critical resources within the device.

Affected Version(s)

Snapdragon Snapdragon Compute FastConnect 6900

Snapdragon Snapdragon Compute FastConnect 7800

Snapdragon Snapdragon Compute QMP1000

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 3, 2025
Vulnerability Reserved
Sep 2, 2024