CVE-2024-45573
Published: 03 February 2025
Description
Memory corruption may occur while generating test pattern due to negative indexing of display ID.
Security Summary
CVE-2024-45573 is a memory corruption vulnerability that may occur while generating test patterns due to negative indexing of a display ID. It is documented in Qualcomm's February 2025 security bulletin and is associated with CWE-823 (Use of Out-of-bounds Read) and CWE-119 (Buffer Overflow). The vulnerability has a CVSS v3.1 base score of 7.8 (High), reflecting local access requirements (AV:L), low attack complexity (AC:L), low privileges needed (PR:L), no user interaction (UI:N), and unchanged scope (S:U), with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).
A local attacker with low privileges could exploit this vulnerability to trigger memory corruption during test pattern generation on affected systems. Successful exploitation could lead to arbitrary code execution, data disclosure, or system disruption, depending on the context of the display ID handling.
Qualcomm's February 2025 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html provides details on the vulnerability and associated patches or mitigations for affected products. Security practitioners should consult the bulletin for specific remediation steps, such as applying vendor updates.
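The bug class named in the description, shown next to a hardened check. This is an added illustration, not Qualcomm's code: it assumes a signed display ID validated only against an upper bound, and the table, `MAX_DISPLAYS`, and every function name are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_DISPLAYS 4   /* assumed table size, not taken from the bulletin */

struct display_ctx { uint32_t pattern[8]; };   /* hypothetical per-display state */
static struct display_ctx displays[MAX_DISPLAYS];

/* Flawed validation: only the upper bound is tested, so a negative
 * signed ID passes and would address memory before the table. */
int check_upper_only(int disp_id)
{
    return disp_id < MAX_DISPLAYS;
}

/* Hardened validation: reject negatives first, then test the upper bound. */
int check_both_bounds(int disp_id)
{
    return disp_id >= 0 && disp_id < MAX_DISPLAYS;
}

/* Returns NULL rather than forming an out-of-range pointer. */
struct display_ctx *display_lookup(int disp_id)
{
    if (!check_both_bounds(disp_id))
        return NULL;
    return &displays[disp_id];
}

/* Fills the pattern buffer; returns 0 on success, -1 for a rejected ID. */
int generate_test_pattern(int disp_id, uint32_t color)
{
    struct display_ctx *ctx = display_lookup(disp_id);
    size_t i;

    if (ctx == NULL)
        return -1;
    for (i = 0; i < sizeof(ctx->pattern) / sizeof(ctx->pattern[0]); i++)
        ctx->pattern[i] = color;
    return 0;
}

int main(void)
{
    printf("id=-1 upper-only=%d both-bounds=%d\n",
           check_upper_only(-1), check_both_bounds(-1));
    return generate_test_pattern(0, 0x00ff00u);
}
```

The flawed check is only evaluated here, never used to index the table, so the program stays within defined behaviour.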
Details
- CWE(s)