CVE-2024-53024

Q: What is the severity of CVE-2024-53024?

CVE-2024-53024 has a CVSS score of 7.8 (HIGH). This CVE describes a memory corruption vulnerability in Qualcomm display drivers that occurs when detaching a device. Successful exploitation could allow attackers to execute arbitrary code or cause denial of service. This affects devices using vulnerable Qualcomm display drivers.

7.8 HIGH

📋 TL;DR

This CVE describes a memory corruption vulnerability in Qualcomm display drivers that occurs when detaching a device. Successful exploitation could allow attackers to execute arbitrary code or cause denial of service. This affects devices using vulnerable Qualcomm display drivers.

💻 Affected Systems

Products:

Qualcomm display drivers

Versions: Specific versions not detailed in reference; check Qualcomm March 2025 bulletin

Operating Systems: Android, Linux-based systems using Qualcomm hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with Qualcomm chipsets using vulnerable display driver versions

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or persistent backdoor installation

🟠

Likely Case

Local privilege escalation allowing attackers to gain elevated privileges on the affected system

🟢

If Mitigated

Denial of service through system crash or instability if exploitation attempts are blocked

🌐 Internet-Facing: LOW - Requires local access or physical device interaction

🏢 Internal Only: MEDIUM - Could be exploited by malicious insiders or through lateral movement

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access to trigger the device detachment condition; memory corruption vulnerabilities can be challenging to exploit reliably

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm March 2025 security bulletin for specific patched driver versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates 2. Apply Qualcomm display driver updates 3. Reboot device to load patched driver

🔧 Temporary Workarounds

Restrict physical access

all

Limit physical access to devices to prevent local exploitation

Disable unnecessary device connections

linux

Reduce attack surface by disabling unused display interfaces

🧯 If You Can't Patch

Implement strict access controls to prevent unauthorized local access
Monitor for unusual display driver behavior or system crashes

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm driver version against March 2025 security bulletin

Check Version:

On Linux: modinfo qcom_display_driver (or similar driver name)

Verify Fix Applied:

Verify display driver version matches patched version from Qualcomm advisory

📡 Detection & Monitoring

Log Indicators:

Display driver crashes
Kernel panic logs
Unexpected device detachment events

Network Indicators:

None - local vulnerability

SIEM Query:

Search for display driver crash events or kernel panic logs

📊 Metadata

CVE ID: CVE-2024-53024

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-476

EPSS Score: 0.04% exploit probability (9.7th percentile)

Published: March 3, 2025

Last Updated: August 11, 2025

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Flight Rb5 5g Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qam8620p Firmware by Qualcomm

Qam8650p Firmware by Qualcomm

Qam8775p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qcm4325 Firmware by Qualcomm

Qcm4490 Firmware by Qualcomm

Qcm5430 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcm8550 Firmware by Qualcomm

Qcn6024 Firmware by Qualcomm

Qcn9011 Firmware by Qualcomm

Qcn9012 Firmware by Qualcomm

Qcn9024 Firmware by Qualcomm

Qcn9274 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs4490 Firmware by Qualcomm

Qcs5430 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qcs6125 Firmware by Qualcomm

Qcs615 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Qcs7230 Firmware by Qualcomm

Qcs8250 Firmware by Qualcomm

Qcs8300 Firmware by Qualcomm

Qcs8550 Firmware by Qualcomm

Qcs9100 Firmware by Qualcomm

Qmp1000 Firmware by Qualcomm

Qrb5165m Firmware by Qualcomm

Qrb5165n Firmware by Qualcomm

Qsm8350 Firmware by Qualcomm

Robotics Rb2 Firmware by Qualcomm

Robotics Rb5 Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa7255p Firmware by Qualcomm

Sa7775p Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sa8255p Firmware by Qualcomm

Sa8295p Firmware by Qualcomm

Sa8530p Firmware by Qualcomm

Sa8540p Firmware by Qualcomm

Sa8620p Firmware by Qualcomm

Sa8650p Firmware by Qualcomm

Sa8770p Firmware by Qualcomm

Sa8775p Firmware by Qualcomm

Sa9000p Firmware by Qualcomm

Sd 8 Gen1 5g Firmware by Qualcomm

Sd888 Firmware by Qualcomm

Sdm429w Firmware by Qualcomm

Sdx61 Firmware by Qualcomm

Sg4150p Firmware by Qualcomm

Sg8275p Firmware by Qualcomm