Primary

Context

Qualcomm Automotive Software Platform Memory Corruption Vulnerability Allowing Denial-of-Service

Vulnerability

A memory corruption vulnerability has been identified in the Qualcomm Automotive Software platform based on QNX. This issue arises while processing messages when the buffer is controlled by a Guest VM, allowing for continuous modification of the buffer's value. The vulnerability could lead to a transient denial-of-service condition by causing memory corruption during the handling of specific messages, potentially disrupting normal operations.

Impact

Exploitation of this vulnerability can cause memory corruption, leading to a transient denial-of-service condition by disrupting normal operations on the affected system.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm May 2025 Security Bulletin.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Affected Products

Qualcomm QAM8255P

0 remedies

cpe:2.3:h:qualcomm:qam8255p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QAM8295P

0 remedies

cpe:2.3:h:qualcomm:qam8295p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QAM8620P

0 remedies

cpe:2.3:h:qualcomm:qam8620p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QAM8650P

0 remedies

cpe:2.3:h:qualcomm:qam8650p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QAM8775P

0 remedies

cpe:2.3:h:qualcomm:qam8775p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QAMSRV1H

0 remedies

cpe:2.3:h:qualcomm:qamsrv1h:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QAMSRV1M

0 remedies

cpe:2.3:h:qualcomm:qamsrv1m:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QCA6574A

0 remedies

cpe:2.3:h:qualcomm:qca6574:*:*:*:*:*:*:*, +3 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QCA6574AU

0 remedies

cpe:2.3:h:qualcomm:qca6574au:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QCA6595

0 remedies

cpe:2.3:h:qualcomm:qca6595:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QCA6595AU

0 remedies

cpe:2.3:h:qualcomm:qca6595au:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QCA6688AQ

0 remedies

cpe:2.3:h:qualcomm:qca6688aq:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QCA6696

0 remedies

cpe:2.3:h:qualcomm:qca6696:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm QCA6698AQ

0 remedies

cpe:2.3:h:qualcomm:qca6698aq:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA6145P

0 remedies

cpe:2.3:h:qualcomm:sa6145p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA6150P

0 remedies

cpe:2.3:h:qualcomm:sa6150p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA6155

0 remedies

cpe:2.3:h:qualcomm:sa6155:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA6155P

0 remedies

cpe:2.3:h:qualcomm:sa6155p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA7255P

0 remedies

cpe:2.3:h:qualcomm:sa7255p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA8145P

0 remedies

cpe:2.3:h:qualcomm:sa8145p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA8255P

0 remedies

cpe:2.3:h:qualcomm:sa8255p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA8650P

0 remedies

cpe:2.3:h:qualcomm:sa8650p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Qualcomm SA8770P

0 remedies

cpe:2.3:h:qualcomm:sa8770p:*:*:*:*:*:*:*, +1 more

0 remedies

>= 12.1X46, < 12.1X46-D81

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

0.6

exploitability

3.1

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

0.6

exploitability

3.1

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Automotive Software Platform Memory Corruption Vulnerability Allowing Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

Qualcomm QAM8255P

Qualcomm QAM8295P

Qualcomm QAM8620P

Qualcomm QAM8650P

Qualcomm QAM8775P

Qualcomm QAMSRV1H

Qualcomm QAMSRV1M

Qualcomm QCA6574A

Qualcomm QCA6574AU

Qualcomm QCA6595

Qualcomm QCA6595AU

Qualcomm QCA6688AQ

Qualcomm QCA6696

Qualcomm QCA6698AQ

Qualcomm SA6145P

Qualcomm SA6150P

Qualcomm SA6155

Qualcomm SA6155P

Qualcomm SA7255P

Qualcomm SA8145P

Qualcomm SA8255P

Qualcomm SA8650P

Qualcomm SA8770P

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating