CVE-2025-27046 – Qualcomm Products Double Free Vulnerability in Display Component

Vulnerability

A vulnerability allowing memory corruption has been identified in various chipsets of Qualcomm products. This issue arises from a double free condition while processing multiple simultaneous escape calls, which can lead to memory corruption.

Impact

Exploitation of this vulnerability causes memory corruption, which can potentially be exploited to execute arbitrary code or cause a denial-of-service condition by crashing the application or system.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm July 2025 Security Bulletin.

Added: Jul 8, 2025, 2:19 PM

Updated: Jul 8, 2025, 2:19 PM

Affected Products

Qualcomm AQT1000

0 remedies

cpe:2.3:h:qualcomm:aqt1000:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6200

0 remedies

cpe:2.3:h:qualcomm:fastconnect_6200:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6700

0 remedies

cpe:2.3:h:qualcomm:fastconnect_6700:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6800

0 remedies

cpe:2.3:h:qualcomm:fastconnect_6800:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6900

0 remedies

cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 7800

0 remedies

cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm QCA6391

0 remedies

cpe:2.3:h:qualcomm:qca6391:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm QCA6420

0 remedies

cpe:2.3:h:qualcomm:qca6420:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm QCA6430

0 remedies

cpe:2.3:h:qualcomm:qca6430:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm QCM5430

0 remedies

cpe:2.3:h:qualcomm:qcm5430:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm QCM6490

0 remedies

cpe:2.3:h:qualcomm:qcm6490:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm QCS5430

0 remedies

cpe:2.3:h:qualcomm:qcs5430:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm QCS6490

0 remedies

cpe:2.3:h:qualcomm:qcs6490:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm Qualcomm Video Collaboration VC3 Platform

0 remedies

cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc1_platform:*:*:*:*:*:*:*, +5 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm SC8180X

0 remedies

cpe:2.3:h:qualcomm:sc8180x:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm SC8380XP

0 remedies

cpe:2.3:h:qualcomm:sc8380xp:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

Qualcomm SM6250

0 remedies

cpe:2.3:h:qualcomm:sm6250:*:*:*:*:*:*:*, +1 more

0 remedies

>= 1.0, < 1.0.0.1

CVSS Scores

volerion

4.8

CVSS 4.0

4.8

Medium

volerion

3.3

CVSS 3.1

3.3

Low

Vendor

7.8

CVSS 3.1

7.8

High

Click a row to open the calculator.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html

AdvisoryBundleRemedyVendor

Showing 1-1 of 1 references

Qualcomm Products Double Free Vulnerability in Display Component

Vulnerability

Impact

Remediation

Affected Products

Qualcomm AQT1000

Qualcomm FastConnect 6200

Qualcomm FastConnect 6700

Qualcomm FastConnect 6800

Qualcomm FastConnect 6900

Qualcomm FastConnect 7800

Qualcomm QCA6391

Qualcomm QCA6420

Qualcomm QCA6430

Qualcomm QCM5430

Qualcomm QCM6490

Qualcomm QCS5430

Qualcomm QCS6490

Qualcomm Qualcomm Video Collaboration VC3 Platform

Qualcomm SC8180X

Qualcomm SC8380XP

Qualcomm SM6250

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating