CVE-2025-21438

Summary

Memory corruption while IOCTL call is invoked from user-space to read board data.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6700affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQCA6164affected
Qualcomm, Inc.SnapdragonQCA6174affected
Qualcomm, Inc.SnapdragonQCA6174Aaffected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCA9377affected
Qualcomm, Inc.SnapdragonQCM5430affected
Qualcomm, Inc.SnapdragonQCM6490affected
Qualcomm, Inc.SnapdragonQCN7605affected
Qualcomm, Inc.SnapdragonQCN7606affected
Qualcomm, Inc.SnapdragonQCS5430affected
Qualcomm, Inc.SnapdragonQCS6490affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC3 Platformaffected
Qualcomm, Inc.SnapdragonSC8180X+SDX55affected
Qualcomm, Inc.SnapdragonSC8380XPaffected
Qualcomm, Inc.SnapdragonSM6250affected
Qualcomm, Inc.SnapdragonSnapdragon 7c Compute Platform (SC7180-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 7c+ Gen 3 Computeaffected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180X-AA, AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References