We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-21458

Use After Free in NPU



Description

Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.

Reserved 2024-12-18 | Published 2025-08-06 | Updated 2025-08-06 | Assigner qualcomm


HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-416 Use After Free

Product status

Default status
unaffected

FastConnect 6900
affected

QAM8255P
affected

QAM8650P
affected

QAM8775P
affected

QCA6174A
affected

QCA6698AQ
affected

QCA6797AQ
affected

SA7255P
affected

SA7775P
affected

SA8255P
affected

SA8620P
affected

SA8650P
affected

SA8775P
affected

SA9000P
affected

Snapdragon 888 5G Mobile Platform
affected

Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
affected

SW5100
affected

SW5100P
affected

WCD9380
affected

WCD9385
affected

WCN3980
affected

WCN3988
affected

WSA8830
affected

WSA8835
affected

References

docs.qualcomm.com/...uritybulletin/august-2025-bulletin.html

cve.org (CVE-2025-21458)

nvd.nist.gov (CVE-2025-21458)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-21458

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.