CVE-2025-27068

Summary

Memory corruption while processing an IOCTL command with an arbitrary address.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonSC8380XPaffected
Qualcomm, Inc.SnapdragonSM6250affected
Qualcomm, Inc.SnapdragonSnapdragon 7c Compute Platform (SC7180-AC)affected
Qualcomm, Inc.SnapdragonSnapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)affected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References