CVE-2025-21439

Summary

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6700affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonQCA6595AUaffected
Qualcomm, Inc.SnapdragonQCM5430affected
Qualcomm, Inc.SnapdragonQCM6490affected
Qualcomm, Inc.SnapdragonQCN7605affected
Qualcomm, Inc.SnapdragonQCN7606affected
Qualcomm, Inc.SnapdragonQCS5430affected
Qualcomm, Inc.SnapdragonQCS6490affected
Qualcomm, Inc.SnapdragonQualcomm Video Collaboration VC3 Platformaffected
Qualcomm, Inc.SnapdragonSC8180X+SDX55affected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180X-AA, AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)affected
Qualcomm, Inc.SnapdragonWCD9370affected
Qualcomm, Inc.SnapdragonWCD9375affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected

Weaknesses

  • CWE-787: CWE-787: Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References