CVE-2025-21476

Summary

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonQCM5430affected
Qualcomm, Inc.SnapdragonQCM6490affected
Qualcomm, Inc.SnapdragonQCM8550affected
Qualcomm, Inc.SnapdragonQCS5430affected
Qualcomm, Inc.SnapdragonQCS615affected
Qualcomm, Inc.SnapdragonQCS6490affected
Qualcomm, Inc.SnapdragonQCS8550affected
Qualcomm, Inc.SnapdragonQCS9100affected
Qualcomm, Inc.SnapdragonSG8275affected
Qualcomm, Inc.SnapdragonSG8275Paffected
Qualcomm, Inc.SnapdragonSM6650affected
Qualcomm, Inc.SnapdragonSM7635affected
Qualcomm, Inc.SnapdragonSM7675affected
Qualcomm, Inc.SnapdragonSM7675Paffected
Qualcomm, Inc.SnapdragonSM8550affected
Qualcomm, Inc.SnapdragonSM8550Paffected
Qualcomm, Inc.SnapdragonSM8635affected
Qualcomm, Inc.SnapdragonSM8635Paffected
Qualcomm, Inc.SnapdragonSM8650affected
Qualcomm, Inc.SnapdragonSM8650Paffected
Qualcomm, Inc.SnapdragonSM8650Qaffected
Qualcomm, Inc.SnapdragonSM8750affected
Qualcomm, Inc.SnapdragonSM8750Paffected
Qualcomm, Inc.SnapdragonSXR2330Paffected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6698AQaffected
Qualcomm, Inc.SnapdragonQCN9011affected
Qualcomm, Inc.SnapdragonQCN9012affected
Qualcomm, Inc.SnapdragonQCN9274affected
Qualcomm, Inc.SnapdragonWCN3910affected
Qualcomm, Inc.SnapdragonWCN3950affected
Qualcomm, Inc.SnapdragonWCN6650affected
Qualcomm, Inc.SnapdragonWCN6750affected
Qualcomm, Inc.SnapdragonWCN6755affected
Qualcomm, Inc.SnapdragonWCN6855affected
Qualcomm, Inc.SnapdragonWCN6856affected
Qualcomm, Inc.SnapdragonWCN7850affected
Qualcomm, Inc.SnapdragonWCN7851affected
Qualcomm, Inc.SnapdragonWCN7860affected
Qualcomm, Inc.SnapdragonWCN7861affected
Qualcomm, Inc.SnapdragonWCN7880affected
Qualcomm, Inc.SnapdragonWCN7881affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References