Primary

Context

Qualcomm Products Use-After-Free Vulnerability in Automotive Multimedia Component

Vulnerability

A use-after-free vulnerability has been identified in the automotive multimedia component of various chipsets. This vulnerability leads to memory corruption when IOCTL calls are invoked from user space for the HGSL memory node.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to undefined behavior such as arbitrary code execution or causing a system crash.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm March 2025 Security Bulletin.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Products Use-After-Free Vulnerability in Automotive Multimedia Component

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating