CVE-2025-27075
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-06
Last updated on: 2025-08-18
Assigner: Qualcomm, Inc.
Description
Description
Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | aqt1000_firmware | * |
| qualcomm | aqt1000 | * |
| qualcomm | fastconnect_6200_firmware | * |
| qualcomm | fastconnect_6200 | * |
| qualcomm | fastconnect_6700_firmware | * |
| qualcomm | fastconnect_6700 | * |
| qualcomm | fastconnect_6800_firmware | * |
| qualcomm | fastconnect_6800 | * |
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_6900 | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | fastconnect_7800 | * |
| qualcomm | qca6391_firmware | * |
| qualcomm | qca6391 | * |
| qualcomm | qca6420_firmware | * |
| qualcomm | qca6420 | * |
| qualcomm | qca6430_firmware | * |
| qualcomm | qca6430 | * |
| qualcomm | qcm5430_firmware | * |
| qualcomm | qcm5430 | * |
| qualcomm | qcm6490_firmware | * |
| qualcomm | qcm6490 | * |
| qualcomm | qcs5430_firmware | * |
| qualcomm | qcs5430 | * |
| qualcomm | qcs6490_firmware | * |
| qualcomm | qcs6490 | * |
| qualcomm | video_collaboration_vc3_platform_firmware | * |
| qualcomm | video_collaboration_vc3_platform | * |
| qualcomm | sc8380xp_firmware | * |
| qualcomm | sc8380xp | * |
| qualcomm | snapdragon_7c\+_gen_3_compute_firmware | * |
| qualcomm | snapdragon_7c\+_gen_3_compute | * |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180x-ad\)_firmware | * |
| qualcomm | snapdragon_8c_compute_platform_\(sc8180x-ad\) | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmware | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-aa\) | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmware | * |
| qualcomm | snapdragon_8cx_compute_platform_\(sc8180x-ab\) | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\) | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\) | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\) | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmware | * |
| qualcomm | snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\) | * |
| qualcomm | wcd9340_firmware | * |
| qualcomm | wcd9340 | * |
| qualcomm | wcd9341_firmware | * |
| qualcomm | wcd9341 | * |
| qualcomm | wcd9370_firmware | * |
| qualcomm | wcd9370 | * |
| qualcomm | wcd9375_firmware | * |
| qualcomm | wcd9375 | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9380 | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcd9385 | * |
| qualcomm | wsa8810_firmware | * |
| qualcomm | wsa8810 | * |
| qualcomm | wsa8815_firmware | * |
| qualcomm | wsa8815 | * |
| qualcomm | wsa8830_firmware | * |
| qualcomm | wsa8830 | * |
| qualcomm | wsa8835_firmware | * |
| qualcomm | wsa8835 | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8840 | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845 | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | wsa8845h | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-129 | The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory corruption issue that occurs when processing an IOCTL command with a larger buffer in the Bluetooth Host component. It means that the system improperly handles input data size, which can lead to unexpected behavior or crashes.
How can this vulnerability impact me? :
The vulnerability can lead to serious impacts including high confidentiality, integrity, and availability risks. An attacker with limited privileges and local access could exploit this to corrupt memory, potentially causing system crashes, unauthorized data access, or other malicious actions.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70