CVE-2025-21458

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-21458
Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html Vendor Advisory Patch
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8650p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8775p:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\):-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
History

19 Aug 2025, 13:21

Type Values Removed Values Added
References () https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html - () https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html - Vendor Advisory, Patch
Summary (es) Corrupción de memoria cuando se llama a la interfaz IOCTL para mapear y desasignar buffers simultáneamente. (es) Corrupción de memoria cuando se llama a la interfaz IOCTL para mapear y desasignar búferes simultáneamente.
CPE cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qam8650p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:snapdragon_888_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa8775p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_888_5g_mobile_platform:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qam8775p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8775p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qam8775p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8650p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qam8650p:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\):-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sa8650p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
First Time Qualcomm qca6174a Firmware
Qualcomm qca6698aq
Qualcomm qam8255p Firmware
Qualcomm fastconnect 6900
Qualcomm qca6797aq Firmware
Qualcomm snapdragon 888 5g Mobile Platform Firmware
Qualcomm wcn3980 Firmware
Qualcomm wcd9385
Qualcomm sa8650p
Qualcomm qam8255p
Qualcomm qam8775p Firmware
Qualcomm qam8650p
Qualcomm sa8620p Firmware
Qualcomm sa7775p Firmware
Qualcomm snapdragon 888\+ 5g Mobile Platform \(sm8350-ac\) Firmware
Qualcomm qca6698aq Firmware
Qualcomm sw5100p
Qualcomm sw5100p Firmware
Qualcomm wcd9380 Firmware
Qualcomm sa8775p Firmware
Qualcomm snapdragon 888 5g Mobile Platform
Qualcomm wsa8835 Firmware
Qualcomm sa8775p
Qualcomm qca6174a
Qualcomm wcd9380
Qualcomm qam8775p
Qualcomm wcn3980
Qualcomm sa8255p Firmware
Qualcomm sw5100
Qualcomm wcn3988
Qualcomm wsa8830 Firmware
Qualcomm fastconnect 6900 Firmware
Qualcomm sa8255p
Qualcomm wcn3988 Firmware
Qualcomm sa7255p
Qualcomm sa7775p
Qualcomm snapdragon 888\+ 5g Mobile Platform \(sm8350-ac\)
Qualcomm
Qualcomm sa8620p
Qualcomm sa8650p Firmware
Qualcomm wsa8835
Qualcomm qam8650p Firmware
Qualcomm qca6797aq
Qualcomm sa9000p Firmware
Qualcomm sa9000p
Qualcomm sw5100 Firmware
Qualcomm wcd9385 Firmware
Qualcomm wsa8830
Qualcomm sa7255p Firmware

06 Aug 2025, 20:23

Type Values Removed Values Added
Summary
  • (es) Corrupción de memoria cuando se llama a la interfaz IOCTL para mapear y desasignar buffers simultáneamente.

06 Aug 2025, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-06 08:15

Updated : 2025-08-19 13:21

NVD link : CVE-2025-21458

Mitre link : CVE-2025-21458

CVE.ORG link : CVE-2025-21458

JSON object : View

Products Affected

qualcomm

  • wcn3980
  • wsa8830
  • wsa8835_firmware
  • qam8775p
  • snapdragon_888_5g_mobile_platform
  • sa8620p_firmware
  • snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware
  • wcn3980_firmware
  • wcn3988_firmware
  • sa7255p
  • snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)
  • qca6797aq_firmware
  • sw5100_firmware
  • sa9000p
  • snapdragon_888_5g_mobile_platform_firmware
  • qca6698aq
  • sa8650p_firmware
  • sa8775p
  • wsa8830_firmware
  • qca6797aq
  • qam8255p_firmware
  • wcd9380_firmware
  • qca6174a
  • sa8620p
  • qam8650p_firmware
  • sa8255p_firmware
  • sa9000p_firmware
  • sa7255p_firmware
  • sw5100p_firmware
  • wcn3988
  • qam8255p
  • qam8775p_firmware
  • wsa8835
  • sa7775p
  • sa8775p_firmware
  • qca6174a_firmware
  • sw5100p
  • qam8650p
  • fastconnect_6900
  • wcd9380
  • wcd9385
  • qca6698aq_firmware
  • sa8255p
  • fastconnect_6900_firmware
  • sa7775p_firmware
  • sw5100
  • sa8650p
  • wcd9385_firmware
CWE
CWE-416

Use After Free