CVE-2024-53030

CVE-2024-53030 is a memory corruption vulnerability that occurs while processing an input message passed from the FE driver. It is associated with CWE-20 (Improper Input Validation) and CWE-787 (Out-of-bounds Write), carrying a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The vulnerability affects components in Qualcomm products, as detailed in the vendor's security bulletin.

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables high-impact consequences, including unauthorized access to confidential data, modification of system integrity, and disruption of availability through memory corruption.

Qualcomm's March 2025 security bulletin provides details on affected products, patches, and mitigation recommendations, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2025-bulletin.html. Security practitioners should consult this advisory for specific remediation steps.