CVE-2024-33042 Overview
CVE-2024-33042 is a memory corruption vulnerability affecting a wide range of Qualcomm chipset firmware. The vulnerability is triggered when the Alternative Frequency (AF) offset value is set to 255, leading to a buffer overflow condition that can result in memory corruption. This flaw affects FM radio functionality across numerous Qualcomm mobile, automotive, IoT, and wearable platforms.
Critical Impact
Successful exploitation could allow a local attacker with low privileges to achieve arbitrary code execution, compromise device confidentiality, integrity, and availability through memory corruption.
Affected Products
- Qualcomm Snapdragon Mobile Platforms (Snapdragon 4/6/7/8 Gen series, 2xx-8xx series)
- Qualcomm FastConnect Wi-Fi/Bluetooth modules (FastConnect 6200, 6700, 6800, 6900, 7800)
- Qualcomm Automotive Platforms (SA4150P, SA6155P, SA8155P, SA8255P, SA8295P, SA8775P)
- Qualcomm IoT/Vision Intelligence Platforms (QCS series, Vision Intelligence 100/200/400)
- Qualcomm Wearable Platforms (Snapdragon Wear 2100, 2500, 3100, SDM429W)
- Qualcomm Audio/Connectivity Components (WCD93xx, WCN36xx/39xx, WSA88xx series)
Discovery Timeline
- September 2, 2024 - CVE-2024-33042 published to NVD
- August 11, 2025 - Last updated in NVD database
Technical Details for CVE-2024-33042
Vulnerability Analysis
This vulnerability is classified under CWE-120 (Buffer Copy without Checking Size of Input) and CWE-787 (Out-of-bounds Write). The flaw exists within the FM radio subsystem firmware where input validation for Alternative Frequency offset parameters is insufficient.
When processing FM radio station data, the firmware accepts an Alternative Frequency offset value without proper boundary validation. The AF offset is used to calculate memory locations for storing or accessing frequency data. When this value is set to the maximum unsigned 8-bit value (255), it causes the firmware to write data beyond the intended buffer boundaries, corrupting adjacent memory regions.
The vulnerability requires local access to the device, meaning an attacker would need to have already achieved some level of code execution or have physical access to trigger the vulnerable code path. Once triggered, the memory corruption could potentially be leveraged for privilege escalation or arbitrary code execution within the context of the affected firmware component.
Root Cause
The root cause of this vulnerability is improper input validation in the FM radio firmware component. Specifically, the code fails to validate the Alternative Frequency offset value before using it in memory operations. The offset value of 255 (0xFF) represents the maximum value for an 8-bit unsigned integer and, when used as an array index or memory offset without bounds checking, causes writes to occur outside the allocated buffer space.
This type of classic buffer overflow vulnerability indicates missing or inadequate bounds checking in the firmware's handling of FM radio RDS (Radio Data System) Alternative Frequency information.
Attack Vector
The attack requires local access with low privileges. An attacker could potentially exploit this vulnerability through:
- A malicious application with FM radio access permissions that crafts specially formatted FM data with the AF offset set to 255
- A rogue FM radio broadcast that includes malformed RDS data (though this would require proximity to the target device)
- Exploitation through another vulnerability that allows manipulation of FM radio parameters
The exploitation does not require user interaction, making it more dangerous in scenarios where an attacker has already achieved initial access to the device.
The vulnerable code path processes Alternative Frequency offset data without validating that the offset value falls within acceptable bounds. When an offset of 255 is provided, this exceeds the expected buffer size, causing memory corruption in adjacent data structures.
Detection Methods for CVE-2024-33042
Indicators of Compromise
- Unexpected crashes or reboots in devices with FM radio functionality enabled
- Anomalous FM radio-related process behavior or memory consumption patterns
- System logs indicating memory corruption errors in audio or radio subsystems
- Suspicious applications requesting FM radio permissions with unusual access patterns
Detection Strategies
- Monitor for firmware version mismatches on Qualcomm-powered devices against known patched versions
- Implement mobile device management (MDM) solutions to track firmware versions across the device fleet
- Deploy endpoint detection and response (EDR) solutions capable of monitoring for memory corruption indicators
- Review application permissions for unnecessary FM radio access requests
Monitoring Recommendations
- Enable comprehensive logging on mobile device management platforms to track firmware update compliance
- Monitor for unusual FM radio subsystem activity through Android system logs when available
- Implement alerting for devices running known vulnerable firmware versions
- Track Qualcomm security bulletin releases for additional context on affected devices
How to Mitigate CVE-2024-33042
Immediate Actions Required
- Apply firmware updates from device OEMs that incorporate the Qualcomm September 2024 security patches
- For enterprise environments, prioritize updates for devices with sensitive data or elevated access privileges
- Consider temporarily disabling FM radio functionality on critical devices until patches are applied
- Review and restrict application permissions for FM radio access where possible
Patch Information
Qualcomm has addressed this vulnerability in their September 2024 Security Bulletin. Device manufacturers (OEMs) are responsible for integrating these patches into their firmware updates and distributing them to end users.
Users should check with their device manufacturer for availability of security updates that include this fix. For Android devices, this may be included in monthly security patch updates from the OEM.
Workarounds
- Disable FM radio functionality at the system level if not required for business operations
- Implement strict application permission policies to prevent untrusted apps from accessing FM radio features
- Use mobile device management (MDM) to enforce firmware update policies across organizational devices
- Isolate or restrict network access for devices that cannot be immediately patched
# Example: Check Android security patch level (for devices with shell access)
adb shell getprop ro.build.version.security_patch
# Example: Disable FM radio service if available on rooted devices
adb shell pm disable-user com.android.fmradio
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
