CVE-2025-21436
HIGHDescription
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads.
Is your site exposed to CVE-2025-21436?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| qualcomm | fastconnect_7800_firmware |
| qualcomm | fastconnect_7800 |
| qualcomm | qmp1000_firmware |
| qualcomm | qmp1000 |
| qualcomm | sm8735_firmware |
| qualcomm | sm8735 |
| qualcomm | sm8750_firmware |
| qualcomm | sm8750 |
| qualcomm | sm8750p_firmware |
| qualcomm | sm8750p |
| qualcomm | snapdragon_8_gen_3_mobile_platform_firmware |
| qualcomm | snapdragon_8_gen_3_mobile_platform |
| qualcomm | snapdragon_w5\+_gen_1_wearable_platform_firmware |
| qualcomm | snapdragon_w5\+_gen_1_wearable_platform |
| qualcomm | sw5100_firmware |
| qualcomm | sw5100 |
| qualcomm | sw5100p_firmware |
| qualcomm | sw5100p |
| qualcomm | sxr2330p_firmware |
| qualcomm | sxr2330p |
| qualcomm | wcd9378_firmware |
| qualcomm | wcd9378 |
| qualcomm | wcd9380_firmware |
| qualcomm | wcd9380 |
| qualcomm | wcd9390_firmware |
| qualcomm | wcd9390 |
| qualcomm | wcd9395_firmware |
| qualcomm | wcd9395 |
| qualcomm | wcn7750_firmware |
| qualcomm | wcn7750 |
| qualcomm | wcn7860_firmware |
| qualcomm | wcn7860 |
| qualcomm | wcn7861_firmware |
| qualcomm | wcn7861 |
| qualcomm | wcn7880_firmware |
| qualcomm | wcn7880 |
| qualcomm | wcn7881_firmware |
| qualcomm | wcn7881 |
| qualcomm | wsa8830_firmware |
| qualcomm | wsa8830 |
| qualcomm | wsa8832_firmware |
| qualcomm | wsa8832 |
| qualcomm | wsa8835_firmware |
| qualcomm | wsa8835 |
| qualcomm | wsa8840_firmware |
| qualcomm | wsa8840 |
| qualcomm | wsa8845_firmware |
| qualcomm | wsa8845 |
| qualcomm | wsa8845h_firmware |
| qualcomm | wsa8845h |
References
Frequently Asked Questions
What is CVE-2025-21436? +
How severe is CVE-2025-21436? +
What products are affected by CVE-2025-21436? +
How do I check if I'm vulnerable to CVE-2025-21436? +
Related Vulnerabilities
Buffa is a pure-Rust Protocol Buffers implementation with first-class protobuf editions support. Prior to 0.7.0, a soundness bug in the …
A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the …
YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the …
YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in …
Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system
rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions `ssl::select_next_proto` can return a slice …