7.8

CVE-2025-21439

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer.

Data is provided by the National Vulnerability Database (NVD)
QualcommQca6595au Firmware Version-
   QualcommQca6595au Version-
QualcommQcm5430 Firmware Version-
   QualcommQcm5430 Version-
QualcommQcm6490 Firmware Version-
   QualcommQcm6490 Version-
QualcommQcn7605 Firmware Version-
   QualcommQcn7605 Version-
QualcommQcn7606 Firmware Version-
   QualcommQcn7606 Version-
QualcommQcs5430 Firmware Version-
   QualcommQcs5430 Version-
QualcommQcs6490 Firmware Version-
   QualcommQcs6490 Version-
QualcommWcd9370 Firmware Version-
   QualcommWcd9370 Version-
QualcommWcd9375 Firmware Version-
   QualcommWcd9375 Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.026
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
product-security@qualcomm.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.