CVE-2024-38418

Q: What is the severity of CVE-2024-38418?

CVE-2024-38418 has a CVSS score of 7.8 (HIGH). This vulnerability allows memory corruption through improper handling of memory map information in IOCTL calls. Attackers could potentially execute arbitrary code or cause denial of service. This affects systems using Qualcomm components with vulnerable drivers.

7.8 HIGH

📋 TL;DR

This vulnerability allows memory corruption through improper handling of memory map information in IOCTL calls. Attackers could potentially execute arbitrary code or cause denial of service. This affects systems using Qualcomm components with vulnerable drivers.

💻 Affected Systems

Products:

Qualcomm chipsets and associated drivers

Versions: Specific versions not detailed in reference; check Qualcomm advisory for affected chipset/driver versions.

Operating Systems: Android, Linux-based systems using Qualcomm components

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in Qualcomm's memory management IOCTL implementation; requires driver access.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level access, allowing complete system compromise and persistence.

🟠

Likely Case

Local denial of service through system crashes or instability from memory corruption.

🟢

If Mitigated

Limited impact with proper access controls preventing unauthorized users from making IOCTL calls.

🌐 Internet-Facing: LOW - Requires local access to vulnerable interface, not directly exposed to internet.

🏢 Internal Only: MEDIUM - Local attackers or malicious insiders could exploit if they gain access to vulnerable systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to make specific IOCTL calls; memory corruption exploitation requires additional steps.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm February 2025 security bulletin for specific patched versions.

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html

Restart Required: No

Instructions:

1. Check Qualcomm advisory for affected chipset/driver versions. 2. Apply vendor-provided patches or firmware updates. 3. Update device firmware through manufacturer channels.

🔧 Temporary Workarounds

Restrict IOCTL access

all

Limit access to vulnerable IOCTL interfaces using SELinux/AppArmor policies or device permissions.

🧯 If You Can't Patch

Implement strict access controls to prevent unauthorized users from accessing device drivers.
Monitor for unusual IOCTL calls or system crashes that might indicate exploitation attempts.

🔍 How to Verify

Check if Vulnerable:

Check device chipset and driver versions against Qualcomm's advisory; examine /proc/version or vendor-specific version files.

Check Version:

cat /proc/version or check manufacturer's device information settings.

Verify Fix Applied:

Verify updated firmware/driver versions match patched versions in Qualcomm advisory.

📡 Detection & Monitoring

Log Indicators:

Kernel panics, system crashes, unusual IOCTL call patterns in kernel logs.

Network Indicators:

Not network exploitable; focus on local system behavior.

SIEM Query:

Search for kernel logs containing 'panic', 'Oops', or specific driver crash messages.

📊 Metadata

CVE ID: CVE-2024-38418

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-367

EPSS Score: 0.02% exploit probability (4.8th percentile)

Published: February 3, 2025

Last Updated: February 5, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

C V2x 9150 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qcn9074 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qsm8250 Firmware by Qualcomm

Sa6145p Firmware by Qualcomm

Sa6150p Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa8145p Firmware by Qualcomm

Sa8150p Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sa8295p Firmware by Qualcomm

Sa8530p Firmware by Qualcomm

Sa8540p Firmware by Qualcomm

Sa9000p Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sdm429w Firmware by Qualcomm

Sdx55 Firmware by Qualcomm

Snapdragon 429 Mobile Firmware by Qualcomm

Snapdragon 8 Gen 1 Mobile Firmware by Qualcomm

Snapdragon 865 5g Mobile Firmware by Qualcomm

Snapdragon 865 5g Mobile Firmware by Qualcomm

Snapdragon 870 5g Mobile Firmware by Qualcomm

Snapdragon Auto 4g Modem Firmware by Qualcomm

Snapdragon W5\+ Gen 1 Wearable Firmware by Qualcomm

Snapdragon X55 5g Modem Rf Firmware by Qualcomm

Snapdragon Xr2 5g Firmware by Qualcomm

Sw5100 Firmware by Qualcomm

Sw5100p Firmware by Qualcomm

Sxr2130 Firmware by Qualcomm

Sxr2230p Firmware by Qualcomm

Sxr2250p Firmware by Qualcomm

Video Collaboration Vc1 Platform Firmware by Qualcomm

Video Collaboration Vc3 Platform Firmware by Qualcomm

Wcd9341 Firmware by Qualcomm

Wcd9370 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3620 Firmware by Qualcomm

Wcn3660b Firmware by Qualcomm

Wcn3680b Firmware by Qualcomm

Wcn3950 Firmware by Qualcomm

Wcn3980 Firmware by Qualcomm

Wcn3988 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8832 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm