ByteOS Network

CVE Vulnerability Details :

CVE-2025-21458

PUBLISHED

More Info Official Page

Assigner-qualcomm

Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f

Published At-06 Aug, 2025 | 07:25

Updated At-07 Aug, 2025 | 03:55

▼CVE Numbering Authority (CNA)

Use After Free in NPU

Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.

Affected Products

Vendor

Qualcomm Technologies, Inc.

Product

Snapdragon

Platforms

Snapdragon Auto
Snapdragon Connectivity
Snapdragon Mobile
Snapdragon Wearables

Default Status

unaffected

Versions

Affected

FastConnect 6900
QAM8255P
QAM8650P
QAM8775P
QCA6174A
QCA6698AQ
QCA6797AQ
SA7255P
SA7775P
SA8255P
SA8620P
SA8650P
SA8775P
SA9000P
Snapdragon 888 5G Mobile Platform
Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
SW5100
SW5100P
WCD9380
WCD9385
WCN3980
WCN3988
WSA8830
WSA8835

Problem Types

Type	CWE ID	Description
CWE	CWE-416	CWE-416 Use After Free

Type: CWE

CWE ID: CWE-416

Description: CWE-416 Use After Free

Metrics

Version	Base score	Base severity	Vector
3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html	N/A

Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References