CVE-2024-23377

6.7 MEDIUM

📋 TL;DR

This vulnerability allows memory corruption in Qualcomm EVA drivers when user-space applications modify packet sizes after system properties have been sent. Attackers could potentially execute arbitrary code or cause system crashes. Affects devices using vulnerable Qualcomm chipsets.

💻 Affected Systems

Products:
  • Qualcomm EVA driver components
Versions: Specific versions not detailed in reference; check Qualcomm November 2024 bulletin
Operating Systems: Android, Linux-based systems using Qualcomm chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with EVA driver enabled; exact chipset models not specified in provided reference

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation to kernel mode, allowing complete system compromise and persistence.

🟠 Likely Case

System instability, crashes, or denial of service affecting device functionality.

🟢 If Mitigated

Limited impact with proper access controls and sandboxing preventing user-space exploitation.

🌐 Internet-Facing: LOW - Requires local access to vulnerable driver interface.
🏢 Internal Only: MEDIUM - Malicious local applications or compromised users could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and the ability to interact with the driver IOCTL interface; exploiting the memory corruption requires additional techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm November 2024 security bulletin for specific patched versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected chipset models.
2. Obtain firmware/OS updates from device manufacturer.
3. Apply patches following manufacturer instructions.
4. Reboot system to load patched driver.

🔧 Temporary Workarounds

Restrict driver access (Linux)

Limit access to EVA driver device nodes to prevent unauthorized IOCTL calls

chmod 600 /dev/eva*
setfacl -m u:root:rw- /dev/eva*
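
Nodes under /dev are recreated at boot, so a one-off chmod does not persist and the restriction has to be re-checked after every restart. The function below is an added example (not from this page or from Qualcomm) that audits the nodes for the owner-only mode set above; it assumes the /dev/eva* naming used in this workaround and a stat that supports -c (GNU coreutils or toybox).

```shell
#!/bin/sh
# Added example: audit device nodes for the owner-only (0600) restriction.
# audit_eva_nodes [DIR] [PREFIX]
#   DIR    directory holding the nodes (default /dev)
#   PREFIX node name prefix (default "eva", the name used on this page)
# Prints one line per node and returns 1 if any node is still reachable
# by group or other, 0 if every node found is owner-only.
audit_eva_nodes() {
    dir=${1:-/dev}
    prefix=${2:-eva}
    found_loose=0
    for node in "$dir"/"$prefix"*; do
        # An unmatched glob stays literal; skip it instead of failing.
        [ -e "$node" ] || continue
        # %a = octal permission bits, %U = owner name.
        mode=$(stat -c '%a' "$node") || continue
        owner=$(stat -c '%U' "$node")
        # Any bit set in the group/other positions means a non-owner
        # process can still open the node and issue IOCTLs.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "LOOSE $node mode=$mode owner=$owner"
            found_loose=1
        else
            echo "OK    $node mode=$mode owner=$owner"
        fi
    done
    return "$found_loose"
}
```

Run `audit_eva_nodes /dev eva` as root after each boot; a non-zero return means the chmod has to be re-applied or made persistent through the platform's device-permission rules.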

🧯 If You Can't Patch

  • Implement strict application sandboxing to prevent untrusted apps from accessing driver interfaces
  • Monitor for suspicious IOCTL calls to EVA driver using kernel auditing

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm chipset version and compare against November 2024 security bulletin affected devices list

Check Version:

cat /sys/class/misc/eva/version

Alternatively, check the device firmware version.

Verify Fix Applied:

Verify driver version after update matches patched versions in Qualcomm advisory

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Driver crash messages
  • Unusual IOCTL calls to EVA driver

Network Indicators:

  • Not network exploitable

SIEM Query:

source="kernel" AND ("EVA" OR "ioctl") AND ("panic" OR "corruption" OR "invalid")
