Qualcomm Automotive Linux OS Use-After-Free Vulnerability CVE-2025-21437

Vulnerability

A use-after-free vulnerability has been identified in the memory management code of the Qualcomm Automotive Linux operating system. It arises from improper handling of memory map and unmap IOCTL operations that are processed concurrently, a race condition that leads to memory corruption.

Impact

Exploitation of this vulnerability causes memory corruption, which may result in arbitrary code execution or a local denial-of-service condition.

Reproduction

The vulnerability can be reproduced by issuing simultaneous memory map or unmap IOCTL requests to the affected driver, for example from a custom application or script that interfaces with the device's IOCTL system.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm April 2025 Security Bulletin.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.1
impact: 2.5
exploitability: 3.4
remediation: 7.7
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.