CVE-2025-27060

Summary

Memory corruption while performing SCM call with malformed inputs.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonImmersive Home 214 Platformaffected
Qualcomm, Inc.SnapdragonImmersive Home 216 Platformaffected
Qualcomm, Inc.SnapdragonImmersive Home 316 Platformaffected
Qualcomm, Inc.SnapdragonImmersive Home 318 Platformaffected
Qualcomm, Inc.SnapdragonIPQ5010affected
Qualcomm, Inc.SnapdragonIPQ5028affected
Qualcomm, Inc.SnapdragonQCN6023affected
Qualcomm, Inc.SnapdragonQCN6024affected
Qualcomm, Inc.SnapdragonQCN6100affected
Qualcomm, Inc.SnapdragonQCN6102affected
Qualcomm, Inc.SnapdragonQCN6112affected
Qualcomm, Inc.SnapdragonQCN6122affected
Qualcomm, Inc.SnapdragonQCN6132affected
Qualcomm, Inc.SnapdragonQCN9000affected
Qualcomm, Inc.SnapdragonQCN9001affected
Qualcomm, Inc.SnapdragonQCN9002affected
Qualcomm, Inc.SnapdragonQCN9003affected
Qualcomm, Inc.SnapdragonQCN9012affected
Qualcomm, Inc.SnapdragonQCN9022affected
Qualcomm, Inc.SnapdragonQCN9024affected
Qualcomm, Inc.SnapdragonQCN9070affected
Qualcomm, Inc.SnapdragonQCN9072affected
Qualcomm, Inc.SnapdragonQCN9074affected
Qualcomm, Inc.SnapdragonQCN9100affected
Qualcomm, Inc.SnapdragonQCN9274affected

Weaknesses

  • CWE-822: CWE-822 Untrusted Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References