CVE-2024-21476

Q: What is the severity of CVE-2024-21476?

CVE-2024-21476 has a CVSS score of 7.8 (HIGH). CVE-2024-21476 is a memory corruption vulnerability in Qualcomm components where improper validation of user-supplied channel IDs can lead to arbitrary code execution. This affects devices using vulnerable Qualcomm chipsets, potentially allowing attackers to compromise device integrity and confidentiality.

7.8 HIGH

📋 TL;DR

CVE-2024-21476 is a memory corruption vulnerability in Qualcomm components where improper validation of user-supplied channel IDs can lead to arbitrary code execution. This affects devices using vulnerable Qualcomm chipsets, potentially allowing attackers to compromise device integrity and confidentiality.

💻 Affected Systems

Products:

Qualcomm chipsets and associated firmware

Versions: Specific affected versions detailed in Qualcomm's May 2024 security bulletin

Operating Systems: Android, Linux-based systems using Qualcomm components

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable Qualcomm chipsets; exact device models depend on OEM implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete device compromise, data theft, and persistent backdoor installation.

🟠

Likely Case

Local privilege escalation allowing attackers to gain elevated permissions and access sensitive system resources.

🟢

If Mitigated

Denial of service or application crash if memory corruption is contained within sandboxed environments.

🌐 Internet-Facing: MEDIUM - Requires local access or exploitation through other vectors, but could be chained with other vulnerabilities.

🏢 Internal Only: HIGH - Local attackers or malicious apps could exploit this to escalate privileges and compromise devices.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access or ability to execute code; exploitation depends on specific memory layout and mitigations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches included in Qualcomm's May 2024 security updates

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html

Restart Required: Yes

Instructions:

1. Check with device manufacturer for available security updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device after patch installation.

🔧 Temporary Workarounds

Restrict local code execution

all

Limit ability for untrusted applications to execute code or access system components

🧯 If You Can't Patch

Isolate affected devices from critical networks and sensitive data
Implement application allowlisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm's security bulletin; examine chipset version and patch level

Check Version:

Device-specific commands vary by manufacturer; generally check Settings > About Phone > Build Number

Verify Fix Applied:

Verify firmware version has been updated to include May 2024 Qualcomm security patches

📡 Detection & Monitoring

Log Indicators:

Unexpected process crashes in Qualcomm components
Memory access violation logs
Kernel panic or system instability

Network Indicators:

Unusual local process communication patterns
Suspicious inter-process communication

SIEM Query:

Process: (name contains "qcom" OR "qualcomm") AND (event_type: crash OR memory_violation)

📊 Metadata

CVE ID: CVE-2024-21476

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-20

Published: May 6, 2024

Last Updated: January 15, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html Vendor Advisory
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Aqt1000 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Qca1062 Firmware by Qualcomm

Qca1064 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qsm8250 Firmware by Qualcomm

Sc8180x Aaab Firmware by Qualcomm

Sc8180x Acaf Firmware by Qualcomm

Sc8180x Ad Firmware by Qualcomm

Sc8180x\+sdx55 Firmware by Qualcomm

Sc8180xp Aaab Firmware by Qualcomm

Sc8180xp Acaf Firmware by Qualcomm

Sc8180xp Ad Firmware by Qualcomm

Sc8280xp Abbb Firmware by Qualcomm

Sc8380xp Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sdx55 Firmware by Qualcomm

Snapdragon 865 5g Mobile Firmware by Qualcomm

Snapdragon 865 5g Mobile Firmware by Qualcomm

Snapdragon 870 5g Mobile Firmware by Qualcomm

Snapdragon 888 5g Mobile Firmware by Qualcomm

Snapdragon 888 5g Mobile Firmware by Qualcomm

Snapdragon X55 5g Modem Rf Firmware by Qualcomm

Snapdragon Xr2 5g Firmware by Qualcomm

Snapdragon Xr2\+ Gen 1 Firmware by Qualcomm

Sxr2130 Firmware by Qualcomm

Wcd9340 Firmware by Qualcomm

Wcd9341 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm

Wsa8840 Firmware by Qualcomm

Wsa8845 Firmware by Qualcomm

Wsa8845h Firmware by Qualcomm