CVE-2024-33022

8.4 HIGH

📋 TL;DR

This vulnerability allows memory corruption in the HGSL driver when allocating memory, potentially leading to arbitrary code execution or system crashes. It affects devices using Qualcomm chipsets with vulnerable HGSL driver versions. Attackers could exploit this to gain elevated privileges or cause denial of service.

💻 Affected Systems

Products:
  • Qualcomm chipsets with HGSL driver
Versions: Specific versions not detailed in provided reference; check Qualcomm advisory for exact affected versions
Operating Systems: Android, Linux-based systems using Qualcomm chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices using Qualcomm processors with the vulnerable HGSL graphics driver component. Exact device models depend on chipset implementation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with kernel-level code execution, allowing attackers to install persistent malware, steal sensitive data, or brick the device.

🟠 Likely Case

Local privilege escalation allowing attackers to gain root/admin access on affected devices, potentially leading to data theft or further system exploitation.

🟢 If Mitigated

System crash or instability requiring reboot, with limited data exposure if proper isolation and access controls are implemented.

🌐 Internet-Facing: LOW - This appears to be a local vulnerability requiring access to the device, not directly exploitable over the internet.
🏢 Internal Only: HIGH - If an attacker gains local access to a vulnerable device, they could exploit this to escalate privileges and compromise the entire system.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Memory corruption vulnerabilities typically require some level of access to trigger. No public exploit code is mentioned in the provided reference.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm August 2024 security bulletin for specific patched versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for your specific chipset.
2. Obtain updated firmware/driver from device manufacturer.
3. Apply the patch following manufacturer instructions.
4. Reboot the device to load the updated driver.

🔧 Temporary Workarounds

Restrict local access

all

Limit physical and logical access to vulnerable devices to reduce attack surface

Disable unnecessary services

all

Reduce attack surface by disabling non-essential services that might provide local access vectors

🧯 If You Can't Patch

  • Isolate affected devices on segmented networks with strict access controls
  • Implement application allowlisting to prevent execution of unauthorized code

🔍 How to Verify

Check if Vulnerable:

Check device chipset and driver version against Qualcomm's August 2024 security bulletin. Use 'cat /proc/cpuinfo' on Linux/Android to identify chipset.

Check Version:

For Android: 'getprop ro.build.fingerprint' and check with manufacturer. For Linux: check kernel/driver version in system logs.

Verify Fix Applied:

Verify driver version has been updated to patched version specified in Qualcomm advisory. Check system logs for successful driver loading.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Driver crash logs
  • Memory allocation failures in system logs
  • Unexpected privilege escalation attempts

Network Indicators:

  • Unusual local process communication patterns
  • Suspicious local service activations

SIEM Query:

Search for: 'kernel panic' OR 'driver crash' OR 'segmentation fault' in system logs from devices with Qualcomm chipsets
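The query above, run offline over collected logs, as an added example that is not part of the original advisory. The syslog-style line layout, the host names, the Qualcomm device inventory and the review threshold are all assumptions constructed for illustration; only the three search terms come from the query.

```python
import re
from collections import Counter, defaultdict

# Search terms taken verbatim from the SIEM query above.
TERMS = ("kernel panic", "driver crash", "segmentation fault")
TERM_RE = re.compile("|".join(re.escape(t) for t in TERMS), re.IGNORECASE)

# Assumed log layout: "<timestamp> <host> <source>: <message>".
LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+(?P<src>[^:]+):\s*(?P<msg>.*)$")


def triage(lines, qualcomm_hosts):
    """Return {host: Counter(term -> hits)}, limited to hosts in the inventory."""
    hits = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line.strip())
        # Skip unparseable lines and devices outside the Qualcomm inventory.
        if not m or m["host"] not in qualcomm_hosts:
            continue
        for found in TERM_RE.findall(m["msg"]):
            hits[m["host"]][found.lower()] += 1
    return dict(hits)


def hosts_over_threshold(hits, threshold=2):
    """Hosts with at least `threshold` matching events, for first review."""
    return sorted(h for h, c in hits.items() if sum(c.values()) >= threshold)


# Constructed sample log lines (not real device output).
SAMPLE_LOG = """\
2024-08-12T09:14:02Z tablet-01 kernel: Kernel panic - not syncing: Fatal exception
2024-08-12T09:14:40Z tablet-01 kernel: gpu driver crash, resetting
2024-08-12T09:20:11Z kiosk-07 app[2211]: Segmentation fault (core dumped)
2024-08-12T09:21:00Z laptop-33 kernel: Kernel panic - not syncing: VFS
2024-08-12T09:22:15Z kiosk-07 sshd[310]: Accepted publickey for ops
""".splitlines()

# Constructed inventory: hosts known to use Qualcomm chipsets.
QUALCOMM_HOSTS = {"tablet-01", "kiosk-07"}

if __name__ == "__main__":
    result = triage(SAMPLE_LOG, QUALCOMM_HOSTS)
    for host, counts in sorted(result.items()):
        print(host, dict(counts))
    print("review first:", hosts_over_threshold(result))
```

These terms match any crash on the device, so a hit is a prompt to check the patch state of that host, not evidence of this CVE.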
