CVE-2025-21461 - Vulnerability Details

Memory corruption when programming registers through virtual CDM.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00016.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Qualcomm, Inc.

Snapdragon

unaffected

Version	Status	Constraints
`FastConnect 6900`	affected	—
`FastConnect 7800`	affected	—
`SM6650`	affected	—
`SM7635`	affected	—
`SM7675`	affected	—
`SM7675P`	affected	—
`SM8635`	affected	—
`SM8635P`	affected	—
`Snapdragon 8 Gen 1 Mobile Platform`	affected	—
`Snapdragon 8 Gen 3 Mobile Platform`	affected	—
`WCD9370`	affected	—
`WCD9375`	affected	—
`WCD9378`	affected	—
`WCD9380`	affected	—
`WCD9390`	affected	—
`WCD9395`	affected	—
`WCN6650`	affected	—
`WCN6755`	affected	—
`WSA8830`	affected	—
`WSA8832`	affected	—
`WSA8835`	affected	—
`WSA8840`	affected	—
`WSA8845`	affected	—
`WSA8845H`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:sm6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6650:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:sm7635_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7635:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:sm7675_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7675:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:sm7675p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7675p:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8635:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:sm8635p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8635p:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile_platform:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Qualcomm Subscribe	Snapdragon Subscribe

Project Subscriptions

Vendors	Products
Qualcomm Subscribe	Fastconnect 6900 Subscribe Fastconnect 6900 Firmware Subscribe Fastconnect 7800 Subscribe Fastconnect 7800 Firmware Subscribe Sm6650 Subscribe Sm6650 Firmware Subscribe Sm7635 Subscribe Sm7635 Firmware Subscribe Sm7675 Subscribe Sm7675 Firmware Subscribe Sm7675p Subscribe Sm7675p Firmware Subscribe Sm8635 Subscribe Sm8635 Firmware Subscribe Sm8635p Subscribe Sm8635p Firmware Subscribe Snapdragon Subscribe Snapdragon 8 Gen 1 Mobile Platform Subscribe Snapdragon 8 Gen 1 Mobile Platform Firmware Subscribe Snapdragon 8 Gen 3 Mobile Platform Subscribe Snapdragon 8 Gen 3 Mobile Platform Firmware Subscribe Wcd9370 Subscribe Wcd9370 Firmware Subscribe Wcd9375 Subscribe Wcd9375 Firmware Subscribe Wcd9378 Subscribe Wcd9378 Firmware Subscribe Wcd9380 Subscribe Wcd9380 Firmware Subscribe Wcd9390 Subscribe Wcd9390 Firmware Subscribe Wcd9395 Subscribe Wcd9395 Firmware Subscribe Wcn6650 Subscribe Wcn6650 Firmware Subscribe Wcn6755 Subscribe Wcn6755 Firmware Subscribe Wsa8830 Subscribe Wsa8830 Firmware Subscribe Wsa8832 Subscribe Wsa8832 Firmware Subscribe Wsa8835 Subscribe Wsa8835 Firmware Subscribe Wsa8840 Subscribe Wsa8840 Firmware Subscribe Wsa8845 Subscribe Wsa8845 Firmware Subscribe Wsa8845h Subscribe Wsa8845h Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2025-23805	Memory corruption when programming registers through virtual CDM.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
https://nvd.nist.gov/vuln/detail/CVE-2025-21461
https://www.cve.org/CVERecord?id=CVE-2025-21461

History

Tue, 19 Aug 2025 13:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm sm6650 Qualcomm sm6650 Firmware Qualcomm sm7635 Qualcomm sm7635 Firmware Qualcomm sm7675 Qualcomm sm7675 Firmware Qualcomm sm7675p Qualcomm sm7675p Firmware Qualcomm sm8635 Qualcomm sm8635 Firmware Qualcomm sm8635p Qualcomm sm8635p Firmware Qualcomm snapdragon 8 Gen 1 Mobile Platform Qualcomm snapdragon 8 Gen 1 Mobile Platform Firmware Qualcomm snapdragon 8 Gen 3 Mobile Platform Qualcomm snapdragon 8 Gen 3 Mobile Platform Firmware Qualcomm wcd9370 Qualcomm wcd9370 Firmware Qualcomm wcd9375 Qualcomm wcd9375 Firmware Qualcomm wcd9378 Qualcomm wcd9378 Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9390 Qualcomm wcd9390 Firmware Qualcomm wcd9395 Qualcomm wcd9395 Firmware Qualcomm wcn6650 Qualcomm wcn6650 Firmware Qualcomm wcn6755 Qualcomm wcn6755 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8832 Qualcomm wsa8832 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware Qualcomm wsa8840 Qualcomm wsa8840 Firmware Qualcomm wsa8845 Qualcomm wsa8845 Firmware Qualcomm wsa8845h Qualcomm wsa8845h Firmware
CPEs		cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:h:qualcomm:sm6650:-:::::::* cpe:2.3:h:qualcomm:sm7635:-:::::::* cpe:2.3:h:qualcomm:sm7675:-:::::::* cpe:2.3:h:qualcomm:sm7675p:-:::::::* cpe:2.3:h:qualcomm:sm8635:-:::::::* cpe:2.3:h:qualcomm:sm8635p:-:::::::* cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:::::::* cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile_platform:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:h:qualcomm:wcd9375:-:::::::* cpe:2.3:h:qualcomm:wcd9378:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wcd9390:-:::::::* cpe:2.3:h:qualcomm:wcd9395:-:::::::* cpe:2.3:h:qualcomm:wcn6650:-:::::::* cpe:2.3:h:qualcomm:wcn6755:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wsa8832:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:h:qualcomm:wsa8840:-:::::::* cpe:2.3:h:qualcomm:wsa8845:-:::::::* cpe:2.3:h:qualcomm:wsa8845h:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:o:qualcomm:sm6650_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7635_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7675_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7675p_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8635_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8635p_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9378_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9390_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9395_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6650_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6755_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8840_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8845_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8845h_firmware:-:::::::*
Vendors & Products		Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm sm6650 Qualcomm sm6650 Firmware Qualcomm sm7635 Qualcomm sm7635 Firmware Qualcomm sm7675 Qualcomm sm7675 Firmware Qualcomm sm7675p Qualcomm sm7675p Firmware Qualcomm sm8635 Qualcomm sm8635 Firmware Qualcomm sm8635p Qualcomm sm8635p Firmware Qualcomm snapdragon 8 Gen 1 Mobile Platform Qualcomm snapdragon 8 Gen 1 Mobile Platform Firmware Qualcomm snapdragon 8 Gen 3 Mobile Platform Qualcomm snapdragon 8 Gen 3 Mobile Platform Firmware Qualcomm wcd9370 Qualcomm wcd9370 Firmware Qualcomm wcd9375 Qualcomm wcd9375 Firmware Qualcomm wcd9378 Qualcomm wcd9378 Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9390 Qualcomm wcd9390 Firmware Qualcomm wcd9395 Qualcomm wcd9395 Firmware Qualcomm wcn6650 Qualcomm wcn6650 Firmware Qualcomm wcn6755 Qualcomm wcn6755 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8832 Qualcomm wsa8832 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware Qualcomm wsa8840 Qualcomm wsa8840 Firmware Qualcomm wsa8845 Qualcomm wsa8845 Firmware Qualcomm wsa8845h Qualcomm wsa8845h Firmware

Thu, 07 Aug 2025 07:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm Qualcomm snapdragon
Vendors & Products		Qualcomm Qualcomm snapdragon

Wed, 06 Aug 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 06 Aug 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2025-21461 https://www.cve.org/CVERecord?id=CVE-2025-21461
Metrics	threat_severity `None`	threat_severity `Important`

Wed, 06 Aug 2025 07:45:00 +0000

Type	Values Removed	Values Added
Description		Memory corruption when programming registers through virtual CDM.
Title		Out-of-bounds Write in Camera_Linux
Weaknesses		CWE-787
References		https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2025-08-06T07:25:52.424Z

Updated: 2025-08-07T03:55:15.667Z

Reserved: 2024-12-18T09:50:08.926Z

Link: CVE-2025-21461

Vulnrichment

Updated: 2025-08-06T14:30:39.508Z

NVD

Status : Analyzed

Published: 2025-08-06T08:15:27.470

Modified: 2025-08-19T13:20:45.280

Link: CVE-2025-21461

Redhat

Severity : Important

Publid Date: 2025-08-06T07:25:52Z

Links: CVE-2025-21461 - Bugzilla

OpenCVE Enrichment

Updated: 2025-08-06T15:12:32Z

Weaknesses

CWE-787

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object