CVE-2024-45546 – This vulnerability allows memory corruption whe... (How to Fix)

Q: What is the severity of CVE-2024-45546?

CVE-2024-45546 has a CVSS score of 7.8 (HIGH). This vulnerability allows memory corruption when processing FIPS encryption/decryption IOCTL calls from user-space in Qualcomm components. Attackers could potentially execute arbitrary code or cause denial of service. Affects systems using vulnerable Qualcomm hardware/software with FIPS functionality.

📋 TL;DR

This vulnerability allows memory corruption when processing FIPS encryption/decryption IOCTL calls from user-space in Qualcomm components. Attackers could potentially execute arbitrary code or cause denial of service. Affects systems using vulnerable Qualcomm hardware/software with FIPS functionality.

💻 Affected Systems

Products:

Qualcomm chipsets with FIPS cryptographic modules

Versions: Specific versions not detailed in reference, check Qualcomm advisory

Operating Systems: Android, Linux, and other OS using Qualcomm hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Requires FIPS functionality enabled and user-space access to IOCTL interface

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete system compromise

🟠

Likely Case

Local privilege escalation or denial of service affecting system stability

🟢

If Mitigated

Limited impact with proper access controls and exploit mitigations in place

🌐 Internet-Facing: LOW - Requires local access or specific conditions for exploitation

🏢 Internal Only: MEDIUM - Could be exploited by malicious insiders or through lateral movement

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and knowledge of IOCTL interface. Memory corruption exploitation requires specific conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm January 2025 security bulletin for specific versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html

Restart Required: No

Instructions:

1. Check Qualcomm advisory for affected components. 2. Apply vendor-provided firmware/driver updates. 3. Verify update installation. 4. Test functionality post-update.

🔧 Temporary Workarounds

Restrict IOCTL access

Linux-based systems

Limit user-space access to FIPS-related IOCTL calls through SELinux/AppArmor policies

# Configure SELinux policies to restrict ioctl access
# Example: setenforce 1 and configure appropriate domains

🧯 If You Can't Patch

Implement strict access controls to limit user-space applications
Disable FIPS functionality if not required for compliance

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm component versions against January 2025 security bulletin

Check Version:

# Check Qualcomm driver/firmware versions specific to your device

Verify Fix Applied:

Verify updated firmware/driver versions match patched versions in advisory

📡 Detection & Monitoring

Log Indicators:

Unusual IOCTL calls to FIPS modules
Kernel panic or crash logs related to cryptographic functions

Network Indicators:

None - local exploitation only

SIEM Query:

Search for kernel logs containing 'FIPS', 'crypto', or 'ioctl' errors

📊 Metadata

CVE ID: CVE-2024-45546

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-126

EPSS Score: 0.14% exploit probability (33.7th percentile)

Published: January 6, 2025

Last Updated: January 13, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-45546, you might also want to check these: