Primary

Context

Qualcomm Products Buffer Copy Without Checking Size of Input Vulnerability Leading to Transient Denial-of-Service

Vulnerability

A vulnerability exists in various chipsets used in Qualcomm products, allowing for a transient denial-of-service condition. This issue arises from a buffer copy operation that does not properly check the size of the input, creating a classic buffer overflow scenario. The vulnerability is triggered while processing the country information element, which can lead to memory corruption and disruption of normal device functionality.

Impact

Exploitation of this vulnerability can cause a transient denial-of-service condition, temporarily disrupting the normal operation of the device.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm March 2025 Security Bulletin.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Products Buffer Copy Without Checking Size of Input Vulnerability Leading to Transient Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating