CVE-2024-38421
📋 TL;DR
This vulnerability allows memory corruption while processing GPU commands in Qualcomm hardware, potentially enabling attackers to execute arbitrary code or cause denial of service. It affects devices using vulnerable Qualcomm GPU drivers across multiple product lines including smartphones, tablets, and embedded systems.
💻 Affected Systems
- Qualcomm Adreno GPU-based devices
- Snapdragon-powered smartphones/tablets
- Qualcomm embedded/IoT devices
📦 What is this software?
Snapdragon 4 Gen 1 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 4 Gen 1 Mobile Platform Firmware →
Snapdragon 480 5g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 480 5g Mobile Platform Firmware →
Snapdragon 480 5g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 480 5g Mobile Platform Firmware →
Snapdragon 695 5g Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 695 5g Mobile Platform Firmware →
Snapdragon 8 Gen 3 Mobile Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon 8 Gen 3 Mobile Platform Firmware →
Snapdragon W5\+ Gen 1 Wearable Platform Firmware by Qualcomm
View all CVEs affecting Snapdragon W5\+ Gen 1 Wearable Platform Firmware →
Video Collaboration Vc1 Platform Firmware by Qualcomm
View all CVEs affecting Video Collaboration Vc1 Platform Firmware →
Video Collaboration Vc3 Platform Firmware by Qualcomm
View all CVEs affecting Video Collaboration Vc3 Platform Firmware →
⚠️ Risk & Real-World Impact
Worst Case
Full device compromise with kernel-level code execution, allowing complete control over affected systems and potential data exfiltration.
Likely Case
Local privilege escalation from user to kernel space, application crashes, or system instability requiring reboot.
If Mitigated
Limited to denial of service through application crashes if proper sandboxing and privilege separation are implemented.
🎯 Exploit Status
Requires local access and ability to execute GPU commands; typical exploitation would involve malicious application.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: November 2024 Qualcomm security updates
Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html
Restart Required: Yes
Instructions:
1. Check device manufacturer for available updates. 2. Apply November 2024 Qualcomm security patch. 3. Reboot device after installation. 4. Verify patch level in system settings.
🔧 Temporary Workarounds
Restrict GPU access
allLimit GPU command execution to trusted applications only
Application sandboxing
androidEnforce strict application isolation to prevent privilege escalation
🧯 If You Can't Patch
- Isolate affected devices from critical networks
- Implement application allowlisting to prevent untrusted GPU command execution
🔍 How to Verify
Check if Vulnerable:
Check Qualcomm security patch level in Android settings: Settings > About phone > Android version > Security patch levelCheck Version:
On Android: adb shell getprop ro.build.version.security_patchVerify Fix Applied:
Verify security patch level shows November 2024 or later📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- GPU driver crash reports
- Unexpected privilege escalation attempts
Network Indicators:
- Unusual outbound connections from system processes
SIEM Query:
source="kernel" AND ("GPU" OR "Adreno") AND ("panic" OR "crash" OR "corruption")