CVE-2024-45548

7.8 HIGH

📋 TL;DR

This vulnerability allows attackers to cause memory corruption through a specific IOCTL call related to FIPS encryption/decryption validation. It affects systems using Qualcomm chipsets with vulnerable drivers. Successful exploitation could lead to privilege escalation or denial of service.

💻 Affected Systems

Products:
  • Qualcomm chipsets with FIPS encryption/decryption functionality
Versions: Specific versions listed in Qualcomm January 2025 security bulletin
Operating Systems: Android, Linux distributions using affected Qualcomm drivers
Default Config Vulnerable: ⚠️ Yes
Notes: Requires access to the vulnerable driver interface, typically limited to privileged users or processes.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local attacker gains kernel-level privileges, executes arbitrary code, and fully compromises the system.

🟠 Likely Case

Local attacker causes system crash or denial of service through memory corruption.

🟢 If Mitigated

Impact limited to denial of service if proper memory protections are enabled.

🌐 Internet-Facing: LOW - Requires local access to vulnerable driver interface.
🏢 Internal Only: MEDIUM - Local attackers or malicious insiders could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires understanding of driver IOCTL interface and memory corruption techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions specified in Qualcomm January 2025 security bulletin

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html

Restart Required: No

Instructions:

1. Check Qualcomm security bulletin for affected chipset versions.
2. Apply vendor-provided firmware/driver updates.
3. Verify update installation through version checks.

🔧 Temporary Workarounds

Restrict driver access

Linux/Android

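Limit access to the vulnerable driver interface using SELinux/AppArmor policies or filesystem permissions. The device path below is a placeholder; substitute the device node of the affected driver on your system.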

chmod 600 /dev/vulnerable_driver_device
setenforce 1

🧯 If You Can't Patch

  • Implement strict access controls to limit which users/processes can access the vulnerable driver interface
  • Deploy memory protection mechanisms like ASLR and stack canaries if not already enabled

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm chipset version and compare against affected versions in security bulletin

Check Version:

grep -i qualcomm /proc/cpuinfo

Verify Fix Applied:

Verify updated driver/firmware version matches patched versions in security bulletin

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Driver crash messages in dmesg
  • Unexpected IOCTL calls to FIPS-related drivers

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("panic" OR "oops") AND "qualcomm"
