Qualcomm Automotive OS Platform Memory Corruption Vulnerability via Guest VM Interaction

Vulnerability

A memory corruption vulnerability has been identified in the Qualcomm Automotive Software platform based on QNX. This issue arises from improper input validation while reading type values from buffers controlled by the Guest Virtual Machine, potentially leading to memory corruption.
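
The bug class described above, a type value read from a guest-controlled buffer and used without validation, is avoided by copying the header out of shared memory once and range-checking it before use. The C code below is an added example, not Qualcomm's code and not the patched routine; the message layout, `host_dispatch`, the handler names and the error codes are all hypothetical.

```c
#include <stdint.h>
#include <stddef.h>

/* Hypothetical message layout for illustration; not the Qualcomm platform's. */
enum msg_type { MSG_PING = 0, MSG_READ = 1, MSG_WRITE = 2, MSG_TYPE_COUNT };
struct msg_hdr { uint32_t type; uint32_t len; };  /* both fields guest-controlled */

typedef int (*handler_fn)(const uint8_t *, uint32_t);
static int handle_ping(const uint8_t *p, uint32_t n)  { (void)p; return n == 0 ? 0 : -1; }
static int handle_read(const uint8_t *p, uint32_t n)  { (void)p; return n == 8 ? 0 : -1; }
static int handle_write(const uint8_t *p, uint32_t n) { (void)p; return n >= 8 ? 0 : -1; }
static const handler_fn handlers[MSG_TYPE_COUNT] = { handle_ping, handle_read, handle_write };

/* Returns the handler result (0 on success) or a negative code for rejected input. */
int host_dispatch(const volatile uint8_t *shared, size_t shared_len)
{
    struct msg_hdr hdr;
    uint8_t payload[64];

    if (shared == NULL || shared_len < sizeof hdr)
        return -2;                      /* too short to hold a header */

    /* Copy the header once into host-private memory. Validating it in place
     * would let the guest change the value between the check and the use. */
    for (size_t i = 0; i < sizeof hdr; i++)
        ((uint8_t *)&hdr)[i] = shared[i];

    if (hdr.type >= MSG_TYPE_COUNT)
        return -3;                      /* type would index past handlers[] */
    if (hdr.len > sizeof payload || hdr.len > shared_len - sizeof hdr)
        return -4;                      /* length exceeds local or shared buffer */

    for (uint32_t i = 0; i < hdr.len; i++)
        payload[i] = shared[sizeof hdr + i];

    return handlers[hdr.type](payload, hdr.len);
}

int main(void)
{
    /* Constructed sample: type far outside the enum, zero-length payload. */
    uint8_t buf[sizeof(struct msg_hdr)] = {0};
    struct msg_hdr h = { 0xFFFFFFFFu, 0 };
    for (size_t i = 0; i < sizeof h; i++) buf[i] = ((uint8_t *)&h)[i];
    return host_dispatch(buf, sizeof buf) == -3 ? 0 : 1;
}
```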

Impact

Exploitation of this vulnerability can cause memory corruption, which may be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the system.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm March 2025 Security Bulletin.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.1
impact: 0.0
exploitability: 3.5
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.