Primary

Context

Qualcomm Products Memory Corruption Vulnerability in GPS HLOS Driver Allowing Use-After-Free

Vulnerability

A memory corruption vulnerability has been identified in various chipsets of Qualcomm products, including those in the Snapdragon 8 and 7 series, as well as in several automotive platforms. This vulnerability arises from a use-after-free condition in the GPS HLOS driver, where an iterator is accessed after being removed from a data structure, potentially leading to memory corruption and application failures.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to application crashes or unpredictable behavior.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm May 2025 Security Bulletin.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Products Memory Corruption Vulnerability in GPS HLOS Driver Allowing Use-After-Free

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating