CVE-2025-21461 - Vulnerability Details

Memory corruption when programming registers through virtual CDM.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00013.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Qualcomm	Fastconnect 6900 Fastconnect 6900 Firmware Fastconnect 7800 Fastconnect 7800 Firmware Sm6650 Sm6650 Firmware Sm7635 Sm7635 Firmware Sm7675 Sm7675 Firmware Sm7675p Sm7675p Firmware Sm8635 Sm8635 Firmware Sm8635p Sm8635p Firmware Snapdragon Snapdragon 8 Gen 1 Mobile Platform Snapdragon 8 Gen 1 Mobile Platform Firmware Snapdragon 8 Gen 3 Mobile Platform Snapdragon 8 Gen 3 Mobile Platform Firmware Wcd9370 Wcd9370 Firmware Wcd9375 Wcd9375 Firmware Wcd9378 Wcd9378 Firmware Wcd9380 Wcd9380 Firmware Wcd9390 Wcd9390 Firmware Wcd9395 Wcd9395 Firmware Wcn6650 Wcn6650 Firmware Wcn6755 Wcn6755 Firmware Wsa8830 Wsa8830 Firmware Wsa8832 Wsa8832 Firmware Wsa8835 Wsa8835 Firmware Wsa8840 Wsa8840 Firmware Wsa8845 Wsa8845 Firmware Wsa8845h Wsa8845h Firmware

Configuration 1 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:qualcomm:sm6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6650:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:qualcomm:sm7635_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7635:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:qualcomm:sm7675_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7675:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:qualcomm:sm7675p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7675p:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8635:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:qualcomm:sm8635p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8635p:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile_platform:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Qualcomm	Snapdragon

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
https://nvd.nist.gov/vuln/detail/CVE-2025-21461
https://www.cve.org/CVERecord?id=CVE-2025-21461

History

Tue, 19 Aug 2025 13:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm sm6650 Qualcomm sm6650 Firmware Qualcomm sm7635 Qualcomm sm7635 Firmware Qualcomm sm7675 Qualcomm sm7675 Firmware Qualcomm sm7675p Qualcomm sm7675p Firmware Qualcomm sm8635 Qualcomm sm8635 Firmware Qualcomm sm8635p Qualcomm sm8635p Firmware Qualcomm snapdragon 8 Gen 1 Mobile Platform Qualcomm snapdragon 8 Gen 1 Mobile Platform Firmware Qualcomm snapdragon 8 Gen 3 Mobile Platform Qualcomm snapdragon 8 Gen 3 Mobile Platform Firmware Qualcomm wcd9370 Qualcomm wcd9370 Firmware Qualcomm wcd9375 Qualcomm wcd9375 Firmware Qualcomm wcd9378 Qualcomm wcd9378 Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9390 Qualcomm wcd9390 Firmware Qualcomm wcd9395 Qualcomm wcd9395 Firmware Qualcomm wcn6650 Qualcomm wcn6650 Firmware Qualcomm wcn6755 Qualcomm wcn6755 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8832 Qualcomm wsa8832 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware Qualcomm wsa8840 Qualcomm wsa8840 Firmware Qualcomm wsa8845 Qualcomm wsa8845 Firmware Qualcomm wsa8845h Qualcomm wsa8845h Firmware
CPEs		cpe:2.3:h:qualcomm:fastconnect_6900:-:::::::* cpe:2.3:h:qualcomm:fastconnect_7800:-:::::::* cpe:2.3:h:qualcomm:sm6650:-:::::::* cpe:2.3:h:qualcomm:sm7635:-:::::::* cpe:2.3:h:qualcomm:sm7675:-:::::::* cpe:2.3:h:qualcomm:sm7675p:-:::::::* cpe:2.3:h:qualcomm:sm8635:-:::::::* cpe:2.3:h:qualcomm:sm8635p:-:::::::* cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:::::::* cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile_platform:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:h:qualcomm:wcd9375:-:::::::* cpe:2.3:h:qualcomm:wcd9378:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:wcd9390:-:::::::* cpe:2.3:h:qualcomm:wcd9395:-:::::::* cpe:2.3:h:qualcomm:wcn6650:-:::::::* cpe:2.3:h:qualcomm:wcn6755:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:wsa8832:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:h:qualcomm:wsa8840:-:::::::* cpe:2.3:h:qualcomm:wsa8845:-:::::::* cpe:2.3:h:qualcomm:wsa8845h:-:::::::* cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:::::::* cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:::::::* cpe:2.3:o:qualcomm:sm6650_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7635_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7675_firmware:-:::::::* cpe:2.3:o:qualcomm:sm7675p_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8635_firmware:-:::::::* cpe:2.3:o:qualcomm:sm8635p_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_platform_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9378_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9390_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9395_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6650_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn6755_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8832_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8840_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8845_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8845h_firmware:-:::::::*
Vendors & Products		Qualcomm fastconnect 6900 Qualcomm fastconnect 6900 Firmware Qualcomm fastconnect 7800 Qualcomm fastconnect 7800 Firmware Qualcomm sm6650 Qualcomm sm6650 Firmware Qualcomm sm7635 Qualcomm sm7635 Firmware Qualcomm sm7675 Qualcomm sm7675 Firmware Qualcomm sm7675p Qualcomm sm7675p Firmware Qualcomm sm8635 Qualcomm sm8635 Firmware Qualcomm sm8635p Qualcomm sm8635p Firmware Qualcomm snapdragon 8 Gen 1 Mobile Platform Qualcomm snapdragon 8 Gen 1 Mobile Platform Firmware Qualcomm snapdragon 8 Gen 3 Mobile Platform Qualcomm snapdragon 8 Gen 3 Mobile Platform Firmware Qualcomm wcd9370 Qualcomm wcd9370 Firmware Qualcomm wcd9375 Qualcomm wcd9375 Firmware Qualcomm wcd9378 Qualcomm wcd9378 Firmware Qualcomm wcd9380 Qualcomm wcd9380 Firmware Qualcomm wcd9390 Qualcomm wcd9390 Firmware Qualcomm wcd9395 Qualcomm wcd9395 Firmware Qualcomm wcn6650 Qualcomm wcn6650 Firmware Qualcomm wcn6755 Qualcomm wcn6755 Firmware Qualcomm wsa8830 Qualcomm wsa8830 Firmware Qualcomm wsa8832 Qualcomm wsa8832 Firmware Qualcomm wsa8835 Qualcomm wsa8835 Firmware Qualcomm wsa8840 Qualcomm wsa8840 Firmware Qualcomm wsa8845 Qualcomm wsa8845 Firmware Qualcomm wsa8845h Qualcomm wsa8845h Firmware

Thu, 07 Aug 2025 07:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm Qualcomm snapdragon
Vendors & Products		Qualcomm Qualcomm snapdragon

Wed, 06 Aug 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 06 Aug 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2025-21461 https://www.cve.org/CVERecord?id=CVE-2025-21461
Metrics	threat_severity `None`	threat_severity `Important`

Wed, 06 Aug 2025 07:45:00 +0000

Type	Values Removed	Values Added
Description		Memory corruption when programming registers through virtual CDM.
Title		Out-of-bounds Write in Camera_Linux
Weaknesses		CWE-787
References		https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2025-08-06T07:25:52.424Z

Updated: 2025-08-07T03:55:15.667Z

Reserved: 2024-12-18T09:50:08.926Z

Link: CVE-2025-21461

Vulnrichment

Updated: 2025-08-06T14:30:39.508Z

NVD

Status : Analyzed

Published: 2025-08-06T08:15:27.470

Modified: 2025-08-19T13:20:45.280

Link: CVE-2025-21461

Redhat

Severity : Important

Publid Date: 2025-08-06T07:25:52Z

Links: CVE-2025-21461 - Bugzilla

OpenCVE Enrichment

Updated: 2025-08-06T15:12:32Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object