Vulnerabilities > CVE-2024-53034 - Untrusted Pointer Dereference vulnerability in Qualcomm products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-822

NVD

Published: 2025-03-03

Updated: 2025-03-07

Summary

Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Fastconnect 6900 Firmware - Qualcomm Fastconnect 7800 Firmware - Qualcomm Sc8380Xp Firmware - Qualcomm Wcd9380 Firmware - Qualcomm Wcd9385 Firmware - Qualcomm Wsa8840 Firmware - Qualcomm Wsa8845 Firmware - Qualcomm Wsa8845H Firmware -	8
Hardware	Qualcomm Qualcomm Fastconnect 6900 * Qualcomm Fastconnect 7800 * Qualcomm Sc8380Xp * Qualcomm Wcd9380 * Qualcomm Wcd9385 * Qualcomm Wsa8840 * Qualcomm Wsa8845 * Qualcomm Wsa8845H *	8

Common Weakness Enumeration (CWE)

CWE-822 - Untrusted Pointer Dereference

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html