Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Qualcomm
  • Fastconnect 6900
  • Fastconnect 6900 Firmware
  • Fastconnect 7800
  • Fastconnect 7800 Firmware
  • Sc8380xp
  • Sc8380xp Firmware
  • Wcd9380
  • Wcd9380 Firmware
  • Wcd9385
  • Wcd9385 Firmware
  • Wsa8840
  • Wsa8840 Firmware
  • Wsa8845
  • Wsa8845 Firmware
  • Wsa8845h
  • Wsa8845h Firmware

Configuration 1 [-]

AND
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sc8380xp:*:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8840:*:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8845:*:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8845h:*:*:*:*:*:*:*:*

No data.

References
Link Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html cve-icon cve-icon
History

Fri, 07 Mar 2025 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Qualcomm
Qualcomm fastconnect 6900
Qualcomm fastconnect 6900 Firmware
Qualcomm fastconnect 7800
Qualcomm fastconnect 7800 Firmware
Qualcomm sc8380xp
Qualcomm sc8380xp Firmware
Qualcomm wcd9380
Qualcomm wcd9380 Firmware
Qualcomm wcd9385
Qualcomm wcd9385 Firmware
Qualcomm wsa8840
Qualcomm wsa8840 Firmware
Qualcomm wsa8845
Qualcomm wsa8845 Firmware
Qualcomm wsa8845h
Qualcomm wsa8845h Firmware
Weaknesses CWE-119
CPEs cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sc8380xp:*:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8840:*:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8845:*:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8845h:*:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*
Vendors & Products Qualcomm
Qualcomm fastconnect 6900
Qualcomm fastconnect 6900 Firmware
Qualcomm fastconnect 7800
Qualcomm fastconnect 7800 Firmware
Qualcomm sc8380xp
Qualcomm sc8380xp Firmware
Qualcomm wcd9380
Qualcomm wcd9380 Firmware
Qualcomm wcd9385
Qualcomm wcd9385 Firmware
Qualcomm wsa8840
Qualcomm wsa8840 Firmware
Qualcomm wsa8845
Qualcomm wsa8845 Firmware
Qualcomm wsa8845h
Qualcomm wsa8845h Firmware

Tue, 04 Mar 2025 03:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 03 Mar 2025 10:30:00 +0000

Type Values Removed Values Added
Description Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.
Title Untrusted Pointer Dereference in DSP_Services
Weaknesses CWE-822
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2025-03-05T04:55:45.235Z

Reserved: 2024-11-19T01:01:57.506Z

Link: CVE-2024-53033

cve-icon Vulnrichment

Updated: 2025-03-03T12:12:48.567Z

cve-icon NVD

Status : Analyzed

Published: 2025-03-03T11:15:15.203

Modified: 2025-03-07T11:47:34.540

Link: CVE-2024-53033

cve-icon Redhat

No data.