Qualcomm Automotive QNX OS Buffer Over-read Vulnerability Leading to Transient Denial-of-Service
Vulnerability
A buffer over-read vulnerability has been identified in the Automotive QNX OS used by Qualcomm. This vulnerability can lead to a transient denial-of-service condition when the GVM sends a specific message type to the Vdev-FastRPC backend.
Impact
Exploitation of this vulnerability can cause a temporary denial-of-service condition in which a process or service becomes unresponsive or unavailable for a period of time, disrupting normal operations.
Remediation
Qualcomm has notified customers about this vulnerability and is actively sharing patches. Instructions for applying the patch can be found in the January 2025 Qualcomm Security Bulletin.
