CVE-2025-21438
HIGHDescription
Memory corruption while IOCTL call is invoked from user-space to read board data.
Is your site exposed to CVE-2025-21438?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| qualcomm | fastconnect_6200_firmware |
| qualcomm | fastconnect_6200 |
| qualcomm | fastconnect_6700_firmware |
| qualcomm | fastconnect_6700 |
| qualcomm | fastconnect_6900_firmware |
| qualcomm | fastconnect_6900 |
| qualcomm | fastconnect_7800_firmware |
| qualcomm | fastconnect_7800 |
| qualcomm | qca6164_firmware |
| qualcomm | qca6164 |
| qualcomm | qca6174_firmware |
| qualcomm | qca6174 |
| qualcomm | qca6174a_firmware |
| qualcomm | qca6174a |
| qualcomm | qca6595au_firmware |
| qualcomm | qca6595au |
| qualcomm | qca9377_firmware |
| qualcomm | qca9377 |
| qualcomm | qcm5430_firmware |
| qualcomm | qcm5430 |
| qualcomm | qcm6490_firmware |
| qualcomm | qcm6490 |
| qualcomm | qcn7605_firmware |
| qualcomm | qcn7605 |
| qualcomm | qcn7606_firmware |
| qualcomm | qcn7606 |
| qualcomm | qcs5430_firmware |
| qualcomm | qcs5430 |
| qualcomm | qcs6490_firmware |
| qualcomm | qcs6490 |
| qualcomm | video_collaboration_vc3_platform_firmware |
| qualcomm | video_collaboration_vc3_platform |
| qualcomm | sc8180x\+sdx55_firmware |
| qualcomm | sc8180x\+sdx55 |
| qualcomm | sc8380xp_firmware |
| qualcomm | sc8380xp |
| qualcomm | sm6250_firmware |
| qualcomm | sm6250 |
| qualcomm | snapdragon_7c_compute_platform_\(sc7180-ac\)_firmware |
| qualcomm | snapdragon_7c_compute_platform_\(sc7180-ac\) |
| qualcomm | snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmware |
| qualcomm | snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\" |
| qualcomm | snapdragon_7c\+_gen_3_compute_firmware |
| qualcomm | snapdragon_7c\+_gen_3_compute |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180x-ad\)_firmware |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180x-ad\) |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180xp-ad\)_firmware |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180xp-ad\) |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmware |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-aa\) |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmware |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-ab\) |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-ac\)_firmware |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-ac\) |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-af\)_firmware |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180xp-af\) |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmware |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\) |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmware |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\) |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)_firmware |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\) |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)_firmware |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\) |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmware |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\) |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmware |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\) |
| qualcomm | wcd9370_firmware |
| qualcomm | wcd9370 |
| qualcomm | wcd9375_firmware |
| qualcomm | wcd9375 |
| qualcomm | wcd9380_firmware |
| qualcomm | wcd9380 |
| qualcomm | wcd9385_firmware |
| qualcomm | wcd9385 |
| qualcomm | wsa8830_firmware |
| qualcomm | wsa8830 |
| qualcomm | wsa8835_firmware |
| qualcomm | wsa8835 |
| qualcomm | wsa8840_firmware |
| qualcomm | wsa8840 |
| qualcomm | wsa8845_firmware |
| qualcomm | wsa8845 |
| qualcomm | wsa8845h_firmware |
| qualcomm | wsa8845h |
References
Frequently Asked Questions
What is CVE-2025-21438? +
How severe is CVE-2025-21438? +
What products are affected by CVE-2025-21438? +
How do I check if I'm vulnerable to CVE-2025-21438? +
Related Vulnerabilities
libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where get_byte_inc() in src/oscore/oscore_cbor.c relies solely on assert() …
Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows. This issue affects Citrix Secure Access Client for Windows: …
An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system …
HTML::Bare versions through 0.04 for Perl have an unbounded character lookahead. The parserc_parse function attempts to check for multicharacter strings …
XML::Bare versions through 0.53 for Perl have an unbounded character lookahead. The parserc_parse function attempts to check for multicharacter strings …
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syck_base64dec. The base64 decoder …