CVE-2024-53030

March 7, 2025, 11:52 a.m.

7.8
High

Description

Memory corruption while processing input message passed from FE driver.

Product(s) Impacted

Vendor Product Versions
Qualcomm
  • Msm8996au Firmware
  • Msm8996au
  • Qam8255p Firmware
  • Qam8255p
  • Qam8295p Firmware
  • Qam8295p
  • Qam8620p Firmware
  • Qam8620p
  • Qam8650p Firmware
  • Qam8650p
  • Qam8775p Firmware
  • Qam8775p
  • Qamsrv1h Firmware
  • Qamsrv1h
  • Qamsrv1m Firmware
  • Qamsrv1m
  • Qca6564a Firmware
  • Qca6564a
  • Qca6564au Firmware
  • Qca6564au
  • Qca6574a Firmware
  • Qca6574a
  • Qca6574au Firmware
  • Qca6574au
  • Qca6584au Firmware
  • Qca6584au
  • Qca6595 Firmware
  • Qca6595
  • Qca6595au Firmware
  • Qca6595au
  • Qca6678aq Firmware
  • Qca6678aq
  • Qca6688aq Firmware
  • Qca6688aq
  • Qca6696 Firmware
  • Qca6696
  • Qca6698aq Firmware
  • Qca6698aq
  • Qca6797aq Firmware
  • Qca6797aq
  • Qcs9100 Firmware
  • Qcs9100
  • Sa6145p Firmware
  • Sa6145p
  • Sa6150p Firmware
  • Sa6150p
  • Sa6155 Firmware
  • Sa6155
  • Sa6155p Firmware
  • Sa6155p
  • Sa7255p Firmware
  • Sa7255p
  • Sa7775p Firmware
  • Sa7775p
  • Sa8145p Firmware
  • Sa8145p
  • Sa8150p Firmware
  • Sa8150p
  • Sa8155 Firmware
  • Sa8155
  • Sa8155p Firmware
  • Sa8155p
  • Sa8195p Firmware
  • Sa8195p
  • Sa8255p Firmware
  • Sa8255p
  • Sa8295p Firmware
  • Sa8295p
  • Sa8540p Firmware
  • Sa8540p
  • Sa8620p Firmware
  • Sa8620p
  • Sa8650p Firmware
  • Sa8650p
  • Sa8770p Firmware
  • Sa8770p
  • Sa8775p Firmware
  • Sa8775p
  • Sa9000p Firmware
  • Sa9000p
  • Snapdragon 820 Automotive Firmware
  • Snapdragon 820 Automotive
  • Srv1h Firmware
  • Srv1h
  • Srv1l Firmware
  • Srv1l
  • Srv1m Firmware
  • Srv1m
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *
  • -
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o qualcomm msm8996au_firmware - / / / / / / /
h qualcomm msm8996au / / / / / / / /
o qualcomm qam8255p_firmware - / / / / / / /
h qualcomm qam8255p / / / / / / / /
o qualcomm qam8295p_firmware - / / / / / / /
h qualcomm qam8295p / / / / / / / /
o qualcomm qam8620p_firmware - / / / / / / /
h qualcomm qam8620p / / / / / / / /
o qualcomm qam8650p_firmware - / / / / / / /
h qualcomm qam8650p / / / / / / / /
o qualcomm qam8775p_firmware - / / / / / / /
h qualcomm qam8775p / / / / / / / /
o qualcomm qamsrv1h_firmware - / / / / / / /
h qualcomm qamsrv1h / / / / / / / /
o qualcomm qamsrv1m_firmware - / / / / / / /
h qualcomm qamsrv1m / / / / / / / /
o qualcomm qca6564a_firmware - / / / / / / /
h qualcomm qca6564a / / / / / / / /
o qualcomm qca6564au_firmware - / / / / / / /
h qualcomm qca6564au / / / / / / / /
o qualcomm qca6574a_firmware - / / / / / / /
h qualcomm qca6574a / / / / / / / /
o qualcomm qca6574au_firmware - / / / / / / /
h qualcomm qca6574au / / / / / / / /
o qualcomm qca6584au_firmware - / / / / / / /
h qualcomm qca6584au / / / / / / / /
o qualcomm qca6595_firmware - / / / / / / /
h qualcomm qca6595 / / / / / / / /
o qualcomm qca6595au_firmware - / / / / / / /
h qualcomm qca6595au / / / / / / / /
o qualcomm qca6678aq_firmware - / / / / / / /
h qualcomm qca6678aq / / / / / / / /
o qualcomm qca6688aq_firmware - / / / / / / /
h qualcomm qca6688aq / / / / / / / /
o qualcomm qca6696_firmware - / / / / / / /
h qualcomm qca6696 / / / / / / / /
o qualcomm qca6698aq_firmware - / / / / / / /
h qualcomm qca6698aq / / / / / / / /
o qualcomm qca6797aq_firmware - / / / / / / /
h qualcomm qca6797aq / / / / / / / /
o qualcomm qcs9100_firmware - / / / / / / /
h qualcomm qcs9100 / / / / / / / /
o qualcomm sa6145p_firmware - / / / / / / /
h qualcomm sa6145p / / / / / / / /
o qualcomm sa6150p_firmware - / / / / / / /
h qualcomm sa6150p / / / / / / / /
o qualcomm sa6155_firmware - / / / / / / /
h qualcomm sa6155 / / / / / / / /
o qualcomm sa6155p_firmware - / / / / / / /
h qualcomm sa6155p / / / / / / / /
o qualcomm sa7255p_firmware - / / / / / / /
h qualcomm sa7255p / / / / / / / /
o qualcomm sa7775p_firmware - / / / / / / /
h qualcomm sa7775p / / / / / / / /
o qualcomm sa8145p_firmware - / / / / / / /
h qualcomm sa8145p / / / / / / / /
o qualcomm sa8150p_firmware - / / / / / / /
h qualcomm sa8150p / / / / / / / /
o qualcomm sa8155_firmware - / / / / / / /
h qualcomm sa8155 / / / / / / / /
o qualcomm sa8155p_firmware - / / / / / / /
h qualcomm sa8155p / / / / / / / /
o qualcomm sa8195p_firmware - / / / / / / /
h qualcomm sa8195p / / / / / / / /
o qualcomm sa8255p_firmware - / / / / / / /
h qualcomm sa8255p / / / / / / / /
o qualcomm sa8295p_firmware - / / / / / / /
h qualcomm sa8295p / / / / / / / /
o qualcomm sa8540p_firmware - / / / / / / /
h qualcomm sa8540p / / / / / / / /
o qualcomm sa8620p_firmware - / / / / / / /
h qualcomm sa8620p / / / / / / / /
o qualcomm sa8650p_firmware - / / / / / / /
h qualcomm sa8650p / / / / / / / /
o qualcomm sa8770p_firmware - / / / / / / /
h qualcomm sa8770p / / / / / / / /
o qualcomm sa8775p_firmware - / / / / / / /
h qualcomm sa8775p / / / / / / / /
o qualcomm sa9000p_firmware - / / / / / / /
h qualcomm sa9000p / / / / / / / /
o qualcomm snapdragon_820_automotive_firmware - / / / / / / /
h qualcomm snapdragon_820_automotive / / / / / / / /
o qualcomm srv1h_firmware - / / / / / / /
h qualcomm srv1h / / / / / / / /
o qualcomm srv1l_firmware - / / / / / / /
h qualcomm srv1l / / / / / / / /
o qualcomm srv1m_firmware - / / / / / / /
h qualcomm srv1m / / / / / / / /

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html

Tags

CWE-20
CWE-787
product-security@qualcomm.com
2025-03-03
CVE-2024-53030

CVSS Score

7.8 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: March 3, 2025, 11:15 a.m.
Last Modified: March 7, 2025, 11:52 a.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

product-security@qualcomm.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.