We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-21436

Use After Free in DSP Service



Description

Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.

Reserved 2024-12-18 | Published 2025-04-07 | Updated 2025-04-08 | Assigner qualcomm


HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-416 Use After Free

Product status

Default status
unaffected

FastConnect 7800
affected

QMP1000
affected

SM8735
affected

SM8750
affected

SM8750P
affected

Snapdragon 8 Gen 3 Mobile Platform
affected

Snapdragon W5+ Gen 1 Wearable Platform
affected

SW5100
affected

SW5100P
affected

SXR2330P
affected

WCD9378
affected

WCD9380
affected

WCD9390
affected

WCD9395
affected

WCN7750
affected

WCN7860
affected

WCN7861
affected

WCN7880
affected

WCN7881
affected

WSA8830
affected

WSA8832
affected

WSA8835
affected

WSA8840
affected

WSA8845
affected

WSA8845H
affected

References

docs.qualcomm.com/...curitybulletin/april-2025-bulletin.html

cve.org (CVE-2025-21436)

nvd.nist.gov (CVE-2025-21436)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-21436

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.