# September 2025 Security Bulletin
## Published: 09/01/2025
This security bulletin is intended to help Qualcomm Technologies, Inc. (QTI) customers incorporate security updates in launched or upcoming devices.
This document includes (i) a description of security issues that have been addressed in QTI’s proprietary code and (ii) links to publicly available code where security issues have been addressed.
Please reach out to
[securitybulletin@qti.qualcomm.com](mailto:securitybulletin@qti.qualcomm.com)
for any questions related to this bulletin.
## Table of Contents
| Announcements |
| --- |
| Acknowledgements |
| Proprietary Software Issues |
| Open Source Software Issues |
| Industry Coordination |
## Announcements
None
## Acknowledgements
We would like to thank these researchers for their contributions in reporting these issues to us.
| CVE-2025-21481,CVE-2025-27036,CVE-2025-27037 | heidada (heiheidada) |
| --- | --- |
| CVE-2025-21476,CVE-2025-27033 | conghuiwang |
| CVE-2025-27030 | Maher Azzouzi |
## Proprietary Software Issues
The tables below summarize security vulnerabilities that were addressed through proprietary software
This table lists high impact security vulnerabilities.
Patches are being actively shared with OEMs, who have been notified and strongly recommended to deploy those patches on released devices as soon as possible.
Please contact the device manufacturer for information on the patching status of released devices.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
| --- | --- | --- | --- | --- |
| CVE-2025-21483 | Critical | Critical | Data Network Stack & Connectivity | Internal |
| CVE-2025-27034 | Critical | Critical | Multi-Mode Call Processor | Internal |
| CVE-2025-21481 | High | High | HLOS | 12/01/2024 |
| CVE-2025-21482 | High | High | Core | Internal |
| CVE-2025-21484 | High | High | Data Network Stack & Connectivity | Internal |
| CVE-2025-21487 | High | High | Data Network Stack & Connectivity | Internal |
| CVE-2025-21488 | High | High | Data Network Stack & Connectivity | Internal |
| CVE-2025-27032 | High | High | Hypervisor | Internal |
| CVE-2025-27077 | High | High | Automotive Software platform based on QNX | Internal |
| CVE-2025-47314 | High | High | Automotive Software platform based on QNX | Internal |
| CVE-2025-47315 | High | High | Automotive Software platform based on QNX | Internal |
| CVE-2025-47316 | High | High | Video | Internal |
| CVE-2025-47317 | High | High | BT Controller | Internal |
| CVE-2025-47318 | High | High | BT Controller | Internal |
| CVE-2025-47326 | High | High | WLAN HAL | Internal |
| CVE-2025-47327 | High | High | Camera | Internal |
| CVE-2025-47328 | High | High | WLAN HAL | Internal |
| CVE-2025-47329 | High | High | Android Core | Internal |
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
| --- | --- | --- | --- | --- |
| CVE-2025-27036 | Medium | Medium | Video | 10/28/2024 |
### CVE-2025-21483
| CVE ID | CVE-2025-21483 |
| --- | --- |
| Title | Improper Restriction of Operations within the Bounds of a Memory Buffer in Data Network Stack & Connectivity |
| Description | Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. |
| Technology Area | Data Network Stack & Connectivity |
| Vulnerability Type | CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer |
| Access Vector | Remote |
| Security Rating | Critical |
| CVSS Rating | Critical |
| CVSS Score | 9.8 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | APQ8017, APQ8064AU, AQT1000, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, MSM8996AU, QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCM2150, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN9274, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS615, QCS6490, QCS8300, QCS8550, QCS9100, QMP1000, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SD 675, SD 8 Gen1 5G, SD626, SD660, SD670, SD675, SD730, SD835, SD855, SD865 5G, SD888, SDM429W, SDX55, SG4150P, SM4125, SM4635, SM6250, SM6370, SM6650, SM7250P, SM7315, SM7325P, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Smart Display 200 Platform (APQ5053-AA), Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 625 Mobile Platform, Snapdragon 626 Mobile Platform, Snapdragon 630 Mobile Platform, Snapdragon 632 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SRV1H, SRV1L, SRV1M, SW5100, SW5100P, SXR1120, SXR2130, TalynPlus, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9371, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6450, WCN6650, WCN6740, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-27034
| CVE ID | CVE-2025-27034 |
| --- | --- |
| Title | Improper Validation of Array Index in Multi-Mode Call Processor |
| Description | Memory corruption while selecting the PLMN from SOR failed list. |
| Technology Area | Multi-Mode Call Processor |
| Vulnerability Type | CWE-129 Improper Validation of Array Index |
| Access Vector | Remote |
| Security Rating | Critical |
| CVSS Rating | Critical |
| CVSS Score | 9.8 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | 315 5G IoT Modem, AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QCA6174A, QCA6391, QCA6574A, QCA6584AU, QCA6595AU, QCA6696, QCA6698AQ, QCA8081, QCA8337, QCC710, QCM4490, QCM5430, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN9024, QCS4490, QCS5430, QCS6490, QCS8550, QEP8111, QFW7114, QFW7124, Qualcomm® Video Collaboration VC3 Platform, SD 8 Gen1 5G, SDX55, SDX57M, SDX61, SDX71M, SDX80M, SG8275P, SM4635, SM6650, SM7250P, SM7325P, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8750, SM8750P, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X35 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X62 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3988, WCN6450, WCN6650, WCN6740, WCN6755, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-21481
| CVE ID | CVE-2025-21481 |
| --- | --- |
| Title | Buffer Copy Without Checking Size of Input in HLOS |
| Description | Memory corruption while performing private key encryption in trusted application. |
| Technology Area | HLOS |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2024/12/01 |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | 315 5G IoT Modem, AQT1000, AR8031, AR8035, C-V2X 9150, CSRA6620, CSRA6640, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6174A, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC710, QCM2290, QCM4290, QCM5430, QCM6125, QCM6490, QCM8550, QCN6024, QCN6224, QCN6274, QCN7606, QCN9024, QCN9074, QCN9274, QCS2290, QCS410, QCS4290, QCS5430, QCS610, QCS6125, QCS6490, QCS8300, QCS8550, QCS9100, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QEP8111, QFW7114, QFW7124, QMP1000, QRB5165M, QRB5165N, QRU1032, QRU1052, QRU1062, QSM8250, QSM8350, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB2 Platform, Robotics RB5 Platform, SA2150P, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8530P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 675, SD 8 Gen1 5G, SD670, SD675, SD730, SD855, SD865 5G, SD888, SDX55, SDX61, SG4150P, SM4125, SM4635, SM6250, SM6250P, SM6370, SM6650, SM7250P, SM7315, SM7325P, SM7635, SM7675, SM7675P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Smart Audio 400 Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 662 Mobile Platform, Snapdragon 665 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c Compute Platform (SC7180-AC), Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro", Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X35 5G Modem-RF System, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X62 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SRV1H, SRV1L, SRV1M, SW5100, SW5100P, SXR1120, SXR2130, SXR2330P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6450, WCN6650, WCN6740, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-21482
| CVE ID | CVE-2025-21482 |
| --- | --- |
| Title | Cryptographic Issues in Core |
| Description | Cryptographic issue while performing RSA PKCS padding decoding. |
| Technology Area | Core |
| Vulnerability Type | CWE-310 Cryptographic Issues |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.1 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
| Date Reported | Internal |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | 315 5G IoT Modem, 9205 LTE Modem, 9206 LTE Modem, 9207 LTE Modem, APQ8017, APQ8037, APQ8064AU, APQ8092, APQ8094, AQT1000, AR3012, AR7420, AR8031, AR8035, AR9380, C-V2X 9150, CSR8811, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, FSM9900, FSM9905, FSM9910, FSM9915, FSM9916, FSM9950, FSM9955, Home Hub 100 Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5028, IPQ5300, IPQ5302, IPQ5312, IPQ5332, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8062, IPQ8064, IPQ8065, IPQ8066, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9048, IPQ9554, IPQ9570, IPQ9574, MDM8207, MDM9205S, MDM9250, MDM9628, MDM9640, MDM9645, MDM9650, MSM8996AU, PM8937, PMP8074, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Qualcomm® Video Collaboration VC5 Platform, QXM8083, Robotics RB2 Platform, Robotics RB3 Platform, Robotics RB5 Platform, SA2150P, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8530P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SC8180X+SDX55, SC8380XP, SD 455, SD 675, SD 8 Gen1 5G, SD 8CX, SD460, SD626, SD660, SD662, SD670, SD675, SD730, SD820, SD821, SD835, SD855, SD865 5G, SD888, SDM429W, SDX20M, SDX55, SDX57M, SDX61, SDX65M, SDX71M, SDX80M, SG4150P, SG8275P, SM4125, SM4635, SM6250, SM6250P, SM6370, SM6650, SM7250P, SM7315, SM7325P, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Smart Audio 400 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 1100 Wearable Platform, Snapdragon 1200 Wearable Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 427 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 430 Mobile Platform, Snapdragon 435 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 450 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR1 Gen 1 Platform, Snapdragon AR1 Gen 1 Platform "Luna1", Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon Wear 1300 Platform, Snapdragon Wear 4100+ Platform, Snapdragon X12 LTE Modem, Snapdragon X20 LTE Modem, Snapdragon X24 LTE Modem, Snapdragon X35 5G Modem-RF System, Snapdragon X5 LTE Modem, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X62 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X70 Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SRV1H, SRV1L, SRV1M, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1120, SXR1230P, SXR2130, SXR2230P, SXR2250P, SXR2330P, TalynPlus, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9371, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3999, WCN6450, WCN6650, WCN6740, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-21484
| CVE ID | CVE-2025-21484 |
| --- | --- |
| Title | Buffer Over-read in Data Network Stack & Connectivity |
| Description | Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. |
| Technology Area | Data Network Stack & Connectivity |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.2 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L |
| Date Reported | Internal |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | APQ8064AU, AQT1000, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, MSM8108, MSM8209, MSM8608, MSM8996AU, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6698AU, QCA6797AQ, QCM4490, QCM5430, QCM6125, QCM6490, QCS410, QCS4490, QCS5430, QCS610, QCS6125, QCS6490, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SD626, SD660, SD730, SD835, SD855, SD865 5G, SDM429W, SDX55, SG4150P, SM4125, SM6250, SM6370, SM7250P, SM8750, SM8750P, SM8850, SM8850P, Smart Audio 200 Platform, Smart Display 200 Platform (APQ5053-AA), Snapdragon 208 Processor, Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 625 Mobile Platform, Snapdragon 626 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SW5100, SW5100P, SXR1120, SXR2130, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-21487
| CVE ID | CVE-2025-21487 |
| --- | --- |
| Title | Buffer Over-read in Data Network Stack & Connectivity |
| Description | Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. |
| Technology Area | Data Network Stack & Connectivity |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.2 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L |
| Date Reported | Internal |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | APQ8017, APQ8064AU, AQT1000, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, MSM8996AU, QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6310, QCA6320, QCA6335, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCM2150, QCM2290, QCM4290, QCM4325, QCM4490, QCM5430, QCM6125, QCM6490, QCM8550, QCN9274, QCS2290, QCS410, QCS4290, QCS4490, QCS5430, QCS610, QCS6125, QCS615, QCS6490, QCS8300, QCS8550, QCS9100, QMP1000, Qualcomm 205 Mobile Platform, Qualcomm 215 Mobile Platform, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SD 675, SD 8 Gen1 5G, SD626, SD660, SD670, SD675, SD730, SD835, SD855, SD865 5G, SD888, SDM429W, SDX55, SG4150P, SM4125, SM4635, SM6250, SM6370, SM6650, SM7250P, SM7315, SM7325P, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Smart Display 200 Platform (APQ5053-AA), Snapdragon 210 Processor, Snapdragon 212 Mobile Platform, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 425 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 439 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 625 Mobile Platform, Snapdragon 626 Mobile Platform, Snapdragon 630 Mobile Platform, Snapdragon 632 Mobile Platform, Snapdragon 636 Mobile Platform, Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 690 5G Mobile Platform, Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 720G Mobile Platform, Snapdragon 730 Mobile Platform (SM7150-AA), Snapdragon 730G Mobile Platform (SM7150-AB), Snapdragon 732G Mobile Platform (SM7150-AC), Snapdragon 750G 5G Mobile Platform, Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 780G 5G Mobile Platform, Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 835 Mobile PC Platform, Snapdragon 845 Mobile Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SRV1H, SRV1L, SRV1M, SW5100, SW5100P, SXR1120, SXR2130, TalynPlus, Vision Intelligence 100 Platform (APQ8053-AA), Vision Intelligence 200 Platform (APQ8053-AC), WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9371, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3610, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6450, WCN6650, WCN6740, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-21488
| CVE ID | CVE-2025-21488 |
| --- | --- |
| Title | Buffer Over-read in Data Network Stack & Connectivity |
| Description | Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. |
| Technology Area | Data Network Stack & Connectivity |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 8.2 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L |
| Date Reported | Internal |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | FastConnect 6200, FastConnect 6700, FastConnect 6900, FastConnect 7800, MSM8996AU, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCM4490, QCS410, QCS4490, QCS610, QMP1000, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SD 8 Gen1 5G, SD660, SD670, SD865 5G, SDM429W, SG4150P, SM4125, SM4635, SM6370, SM6650, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Snapdragon 4 Gen 1 Mobile Platform, Snapdragon 4 Gen 2 Mobile Platform, Snapdragon 429 Mobile Platform, Snapdragon 460 Mobile Platform, Snapdragon 480 5G Mobile Platform, Snapdragon 480+ 5G Mobile Platform (SM4350-AC), Snapdragon 660 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 670 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Snapdragon 695 5G Mobile Platform, Snapdragon 710 Mobile Platform, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 1 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 845 Mobile Platform, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon XR1 Platform, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, SW5100, SW5100P, SXR1120, TalynPlus, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3620, WCN3660B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN6450, WCN6650, WCN6740, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-27032
| CVE ID | CVE-2025-27032 |
| --- | --- |
| Title | Improper Access Control Applied to Mirrored or Aliased Memory Regions in Hypervisor |
| Description | memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency. |
| Technology Area | Hypervisor |
| Vulnerability Type | CWE-1257: Improper Access Control Applied to Mirrored or Aliased Memory Regions |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | AQT1000, AR8035, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6174A, QCA6310, QCA6335, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCA9377, QCC710, QCM5430, QCM6490, QCM8550, QCN6224, QCN6274, QCN9274, QCS5430, QCS6490, QCS8300, QCS8550, QCS9100, QDU1000, QDU1010, QDU1110, QDU1210, QDX1010, QDX1011, QEP8111, QFW7114, QFW7124, QMP1000, QRU1032, QRU1052, QRU1062, QSM8350, Qualcomm® Video Collaboration VC3 Platform, Robotics RB3 Platform, SA6145P, SA6155, SA6155P, SA7255P, SA7775P, SA8150P, SA8155, SA8155P, SA8255P, SA8295P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SC8380XP, SD 675, SD 8 Gen1 5G, SD 8CX, SD670, SD675, SD855, SD865 5G, SDX55, SDX57M, SDX80M, SG8275P, SM6650, SM7250P, SM7635, SM7675, SM7675P, SM8550P, SM8635, SM8635P, SM8650Q, SM8735, SM8750, SM8750P, Snapdragon 670 Mobile Platform, Snapdragon 675 Mobile Platform, Snapdragon 678 Mobile Platform (SM6150-AC), Snapdragon 765 5G Mobile Platform (SM7250-AA), Snapdragon 765G 5G Mobile Platform (SM7250-AB), Snapdragon 768G 5G Mobile Platform (SM7250-AC), Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 845 Mobile Platform, Snapdragon 850 Mobile Compute Platform, Snapdragon 855 Mobile Platform, Snapdragon 855+/860 Mobile Platform (SM8150-AC), Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR1 Gen 1 Platform, Snapdragon AR1 Gen 1 Platform "Luna1", Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X24 LTE Modem, Snapdragon X35 5G Modem-RF System, Snapdragon X50 5G Modem-RF System, Snapdragon X55 5G Modem-RF System, Snapdragon X62 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, SRV1H, SRV1L, SRV1M, SSG2115P, SSG2125P, SXR1230P, SXR2130, SXR2230P, SXR2250P, SXR2330P, Vision Intelligence 300 Platform, Vision Intelligence 400 Platform, WCD9326, WCD9340, WCD9341, WCD9370, WCD9375, WCD9378, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3980, WCN3990, WCN6450, WCN6650, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-27077
| CVE ID | CVE-2025-27077 |
| --- | --- |
| Title | Use After Free in Automotive Software platform based on QNX |
| Description | Memory corruption while processing message in guest VM. |
| Technology Area | Automotive Software platform based on QNX |
| Vulnerability Type | CWE-416 Use After Free |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6574AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, SA7255P, SA7775P, SA8255P, SA8295P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1L, SRV1M |
### CVE-2025-47314
| CVE ID | CVE-2025-47314 |
| --- | --- |
| Title | Improper Input Validation in Automotive Software platform based on QNX |
| Description | Memory corruption while processing data sent by FE driver. |
| Technology Area | Automotive Software platform based on QNX |
| Vulnerability Type | CWE-20 Improper Input Validation |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6574AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, SA6155P, SA7255P, SA7775P, SA8155P, SA8195P, SA8255P, SA8295P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1L, SRV1M |
### CVE-2025-47315
| CVE ID | CVE-2025-47315 |
| --- | --- |
| Title | Use After Free in Automotive Software platform based on QNX |
| Description | Memory corruption while handling repeated memory unmap requests from guest VM. |
| Technology Area | Automotive Software platform based on QNX |
| Vulnerability Type | CWE-416 Use After Free |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | QAM8255P, QAM8295P, QAM8620P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6574AU, QCA6595, QCA6595AU, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, SA7255P, SA7775P, SA8255P, SA8295P, SA8540P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1L, SRV1M |
### CVE-2025-47316
| CVE ID | CVE-2025-47316 |
| --- | --- |
| Title | Double Free in Video |
| Description | Memory corruption due to double free when multiple threads race to set the timestamp store. |
| Technology Area | Video |
| Vulnerability Type | CWE-415 Double Free |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | AQT1000, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QCA6391, QCA6420, QCA6430, SC8380XP, Snapdragon 7c+ Gen 3 Compute, Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), WCD9340, WCD9341, WCD9380, WCD9385, WSA8810, WSA8815, WSA8830, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-47317
| CVE ID | CVE-2025-47317 |
| --- | --- |
| Title | Buffer Over-read in BT Controller |
| Description | Memory corruption due to global buffer overflow when a test command uses an invalid payload type. |
| Technology Area | BT Controller |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | FastConnect 6200, FastConnect 6700, FastConnect 7800, QCC5161, QCC710, QCC711, QCC7225, QCC7226, QCC7228, QMP1000, S3 Gen 2 Sound Platform, S3 Sound Platform, S5 Gen 2 Sound Platform, S5 Sound Platform, SM6475, SM6650, SM6650P, SM7435, SM7550, SM7550P, SM7635, SM7635P, SM7675, SM7675P, SM8635, SM8635P, SM8735, SM8750, SM8750P, Snapdragon 6 Gen 1 Mobile Platform, WCD9370, WCD9371, WCD9375, WCD9378, WCD9385, WCD9390, WCD9395, WCN3988, WCN6650, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-47318
| CVE ID | CVE-2025-47318 |
| --- | --- |
| Title | Buffer Over-read in BT Controller |
| Description | Transient DOS while parsing the EPTM test control message to get the test pattern. |
| Technology Area | BT Controller |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | APQ8017, APQ8064AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, Flight RB5 5G Platform, Home Hub 100 Platform, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, IPQ5010, IPQ5028, MDM9628, MDM9640, MSM8996AU, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA1062, QCA1064, QCA2066, QCA4024, QCA6174A, QCA6175A, QCA6391, QCA6420, QCA6430, QCA6554A, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6678AQ, QCA6688AQ, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC2073, QCC2076, QCC5161, QCC710, QCC711, QCC7225, QCC7226, QCC7228, QCM6125, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN7605, QCN7606, QCN9000, QCN9001, QCN9002, QCN9003, QCN9011, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9274, QCS6125, QCS7230, QCS8250, QFW7114, QFW7124, QRB5165M, QRB5165N, Qualcommr Video Collaboration VC1 Platform, Qualcommr Video Collaboration VC5 Platform, Robotics RB5 Platform, S3 Gen 2 Sound Platform, S3 Sound Platform, S5 Gen 2 Sound Platform, S5 Sound Platform, SA4150P, SA4155P, SA6145P, SA6150P, SA6155, SA6155P, SA7255P, SA7775P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8255P, SA8295P, SA8620P, SA8650P, SA8770P, SA8775P, SA9000P, SD 8 Gen1 5G, SD865 5G, SDX55, SDX61, SG8275, SG8275P, SM7325P, SM8550P, SM8750, SM8750P, Smart Audio 400 Platform, Snapdragon 778G 5G Mobile Platform, Snapdragon 778G+ 5G Mobile Platform (SM7325-AE), Snapdragon 782G Mobile Platform (SM7325-AF), Snapdragon 7c+ Gen 3 Compute, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon 820 Automotive Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon 888 5G Mobile Platform, Snapdragon 888+ 5G Mobile Platform (SM8350-AC), Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), Snapdragon AR1 Gen 1 Platform, Snapdragon AR1 Gen 1 Platform "Luna1", Snapdragon AR2 Gen 1 Platform, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon X5 LTE Modem, Snapdragon X55 5G Modem-RF System, Snapdragon X65 5G Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, Snapdragon XR2 5G Platform, Snapdragon XR2+ Gen 1 Platform, Snapdragon Auto 4G Modem, SRV1H, SRV1M, SSG2115P, SSG2125P, SW5100, SW5100P, SXR1230P, SXR2230P, SXR2250P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCD9390, WCD9395, WCN3950, WCN3980, WCN6740, WCN7860, WCN7861, WCN7880, WCN7881, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-47326
| CVE ID | CVE-2025-47326 |
| --- | --- |
| Title | Buffer Over-read in WLAN HAL |
| Description | Transient DOS while handling command data during power control processing. |
| Technology Area | WLAN HAL |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | AR8035, CSR8811, FastConnect 6900, FastConnect 7800, Immersive Home 214 Platform, Immersive Home 216 Platform, Immersive Home 316 Platform, Immersive Home 318 Platform, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5010, IPQ5028, IPQ5300, IPQ5302, IPQ5312, IPQ5332, IPQ5424, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070A, IPQ8071A, IPQ8072A, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, IPQ9008, IPQ9048, IPQ9554, IPQ9570, IPQ9574, QCA0000, QCA4024, QCA8075, QCA8080, QCA8081, QCA8082, QCA8084, QCA8085, QCA8101, QCA8102, QCA8111, QCA8112, QCA8337, QCA8384, QCA8385, QCA8386, QCA9888, QCA9889, QCC710, QCF8000, QCF8000SFP, QCF8001, QCN5022, QCN5024, QCN5052, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5224, QCN6023, QCN6024, QCN6112, QCN6122, QCN6132, QCN6224, QCN6274, QCN6402, QCN6412, QCN6422, QCN6432, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCN9160, QCN9274, QFW7114, QFW7124, QMP1000, QXM8083, SDX55, SDX65M, SM6650, SM6650P, SM7635, SM7635P, SM8735, SM8750, SM8750P, Snapdragon X65 5G Modem-RF System, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, SW-only, WCD9340, WCD9378, WCD9395, WCN6650, WCN6755, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-47327
| CVE ID | CVE-2025-47327 |
| --- | --- |
| Title | Use After Free in Camera |
| Description | Memory corruption while encoding the image data. |
| Technology Area | Camera |
| Vulnerability Type | CWE-416 Use After Free |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | AQT1000, FastConnect 6200, FastConnect 6700, FastConnect 6800, FastConnect 6900, FastConnect 7800, QCA6391, QCA6420, QCA6430, QCM5430, QCM6490, QCS5430, QCS6490, Qualcommr Video Collaboration VC3 Platform, SC8380XP, Snapdragon 7c+ Gen 3 Compute, Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite", Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite", Snapdragon 8cx Compute Platform (SC8180X-AA, AB), Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro", Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB), Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WSA8810, WSA8815, WSA8830, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-47328
| CVE ID | CVE-2025-47328 |
| --- | --- |
| Title | Buffer Over-read in WLAN HAL |
| Description | Transient DOS while processing power control requests with invalid antenna or stream values. |
| Technology Area | WLAN HAL |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Remote |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.5 |
| CVSS String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | FastConnect 7800, Immersive Home 3210 Platform, Immersive Home 326 Platform, IPQ5300, IPQ5302, IPQ5312, IPQ5332, IPQ5424, IPQ9008, IPQ9048, IPQ9554, IPQ9570, IPQ9574, QCA0000, QCA8075, QCA8080, QCA8081, QCA8082, QCA8084, QCA8085, QCA8101, QCA8102, QCA8111, QCA8112, QCA8384, QCA8385, QCA8386, QCC710, QCF8000, QCF8001, QCN5124, QCN5224, QCN6224, QCN6274, QCN6402, QCN6412, QCN6422, QCN6432, QCN9000, QCN9012, QCN9024, QCN9074, QCN9160, QCN9274, QFW7114, QFW7124, QMP1000, QXM8083, SM8735, SM8750, SM8750P, Snapdragon X72 5G Modem-RF System, Snapdragon X75 5G Modem-RF System, SW-only, WCD9340, WCD9378, WCD9395, WCN7750, WCN7860, WCN7861, WCN7880, WCN7881, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-47329
| CVE ID | CVE-2025-47329 |
| --- | --- |
| Title | Release of Invalid Pointer or Reference in Android Core |
| Description | Memory corruption while handling invalid inputs in application info setup. |
| Technology Area | Android Core |
| Vulnerability Type | CWE-763: Release of Invalid Pointer or Reference |
| Access Vector | Local |
| Security Rating | High |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | Internal |
| Customer Notified Date | 2025/06/02 |
| Affected Chipsets\* | FastConnect 7800, QAM8255P, QAM8775P, QCA6574, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCM6690, QCS6690, SA6155P, SA8155P, SA8195P, SA8255P, SA8770P, SA8775P, SA9000P, Snapdragon 8 Gen 3 Mobile Platform, Snapdragon AR1 Gen 1 Platform, Snapdragon AR1 Gen 1 Platform "Luna1", Snapdragon W5+ Gen 1 Wearable Platform, SW5100, SW5100P, WCD9380, WCD9385, WCD9390, WCD9395, WCN6450, WCN6755, WCN7861, WCN7881, WSA8830, WSA8832, WSA8835, WSA8840, WSA8845, WSA8845H |
### CVE-2025-27036
| CVE ID | CVE-2025-27036 |
| --- | --- |
| Title | Buffer Over-read in Video |
| Description | Information disclosure when Video engine escape input data is less than expected minimum size. |
| Technology Area | Video |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.1 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L |
| Date Reported | 2024/10/28 |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | FastConnect 6700, FastConnect 6900, FastConnect 7800, QCM5430, QCM6490, QCS5430, QCS6490, Qualcomm® Video Collaboration VC3 Platform, SC8380XP, Snapdragon 7c+ Gen 3 Compute, Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB), WCD9370, WCD9375, WCD9380, WCD9385, WSA8830, WSA8835, WSA8840, WSA8845, WSA8845H |
\*The list of affected chipsets may not be complete.
For latest information, device OEMs can contact QTI directly at [www.qualcomm.com/support](https://www.qualcomm.com/support).
## Open Source Software Issues
The tables below summarize security vulnerabilities that were addressed through open source software
This table lists high impact security vulnerabilities.
Patches are being actively shared with OEMs, who have been notified and strongly recommended to deploy those patches on released devices as soon as possible.
Please contact the device manufacturer for information on the patching status of released devices.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
| --- | --- | --- | --- | --- |
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
| Public ID | Security Rating | CVSS Rating | Technology Area | Date Reported |
| --- | --- | --- | --- | --- |
| CVE-2025-21476 | Medium | High | Computer Vision | 09/03/2024 |
| CVE-2025-27030 | Medium | Medium | Audio | 11/17/2024 |
| CVE-2025-27033 | Medium | Medium | Video | 10/10/2024 |
| CVE-2025-27037 | Medium | High | Camera Driver | 09/29/2024 |
### CVE-2025-21476
| CVE ID | CVE-2025-21476 |
| --- | --- |
| Title | Buffer Copy Without Checking Size of Input in Computer Vision |
| Description | Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake. |
| Technology Area | Computer Vision |
| Vulnerability Type | CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2024/09/03 |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | QCM5430, QCM6490, QCM8550, QCS5430, QCS615, QCS6490, QCS8550, QCS9100, SG8275, SG8275P, SM6650, SM7635, SM7675, SM7675P, SM8550, SM8550P, SM8635, SM8635P, SM8650, SM8650P, SM8650Q, SM8750, SM8750P, SXR2330P, QCA6391, QCA6698AQ, QCN9011, QCN9012, QCN9274, WCN3910, WCN3950, WCN6650, WCN6750, WCN6755, WCN6855, WCN6856, WCN7850, WCN7851, WCN7860, WCN7861, WCN7880, WCN7881 |
| Patch\*\* | |
### CVE-2025-27030
| CVE ID | CVE-2025-27030 |
| --- | --- |
| Title | Buffer Over-read in Audio |
| Description | information disclosure while invoking calibration data from user space to update firmware size. |
| Technology Area | Audio |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.1 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L |
| Date Reported | 2024/11/17 |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | C-V2X 9150, QAM8295P, QCA6574AU, QCA6584AU, QCA6696, QCA6698AQ, QCA9367, QCA9377, QCN9074, QCS410, QCS610, QSM8250, Qualcomm® Video Collaboration VC1 Platform, Qualcomm® Video Collaboration VC3 Platform, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, SA8530P, SA8540P, SA9000P, SDX55, Snapdragon Auto 5G Modem-RF, Snapdragon Auto 5G Modem-RF Gen 2, SW5100, SW5100P, WCD9341, WCD9370, WCN3660B, WCN3680B, WCN3950, WCN3980, WCN3988, WSA8810, WSA8815, WSA8830, WSA8835 |
| Patch\*\* | |
### CVE-2025-27033
| CVE ID | CVE-2025-27033 |
| --- | --- |
| Title | Buffer Over-read in Video |
| Description | Information disclosure while running video usecase having rogue firmware. |
| Technology Area | Video |
| Vulnerability Type | CWE-126 Buffer Over-read |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | Medium |
| CVSS Score | 6.1 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L |
| Date Reported | 2024/10/10 |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | QCM5430, QCM6490, QCS5430, QCS6490, QCM8550, QCS8550, QCS615, QCS9100, SM6650, SM7635, SM8650, SM8650P, SM8650Q, SM7675, SM7675P, SM8635, SM8635P, SM8750, SM8750P, SXR2330P, WCN6750, WCN6856, QCN9274, WCN7851, QCA6698AQ, WCN6650, WCN6755, WCN7850, WCN7880, WCN7860, WCN7861, WCN7881 |
| Patch\*\* | |
### CVE-2025-27037
| CVE ID | CVE-2025-27037 |
| --- | --- |
| Title | Use After Free in Camera Driver |
| Description | Memory corruption while processing config\_dev IOCTL when camera kernel driver drops its reference to CPU buffers. |
| Technology Area | Camera Driver |
| Vulnerability Type | CWE-416 Use After Free |
| Access Vector | Local |
| Security Rating | Medium |
| CVSS Rating | High |
| CVSS Score | 7.8 |
| CVSS String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Date Reported | 2024/09/29 |
| Customer Notified Date | 2025/03/03 |
| Affected Chipsets\* | FastConnect 6800, FastConnect 6900, FastConnect 7800, QAM8295P, QCA6391, QCA6426, QCA6436, QCA6574AU, QCA6696, QCN9074, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8295P, SD865 5G, Snapdragon 8 Gen 1 Mobile Platform, Snapdragon 865 5G Mobile Platform, Snapdragon 865+ 5G Mobile Platform (SM8250-AB), Snapdragon 870 5G Mobile Platform (SM8250-AC), Snapdragon X55 5G Modem-RF System, Snapdragon XR2 5G Platform, SW5100, SW5100P, SXR2130, WCD9380, WCN3660B, WCN3680B, WCN3980, WCN3988, WSA8810, WSA8815, WSA8830, WSA8835 |
| Patch\*\* | |
\* The list of affected chipsets may not be complete.
For latest information, device OEMs can contact QTI directly at [www.qualcomm.com/support](https://www.qualcomm.com/support).
\*\* Data is generated only at the time of bulletin creation
## Industry Coordination
Security ratings of issues included in Android security
bulletins and these bulletins match in the most common scenarios but may
differ in some cases due to one of the following reasons:
- Consideration of security protections such as SELinux not enforced on some platforms
- Differences in assessment of some specific
scenarios that involves local denial of service or privilege escalation
vulnerabilities in the high level OS kernel
All Qualcomm products mentioned herein are products of Qualcomm Technologies, Inc. and/or its subsidiaries.
Qualcomm is a trademark of Qualcomm Incorporated, registered in the United States and other countries. Other product and brand names may be trademarks or registered trademarks of their respective owners.
This technical data may be subject to U.S. and international export, re-export, or transfer (“export”) laws. Diversion contrary to U.S. and international law is strictly prohibited.
Qualcomm Technologies, Inc.
San Diego, CA 92121
U.S.A.
© 2022 Qualcomm Technologies, Inc. and/or its subsidiaries. All rights reserved.