Primary

Context

Qualcomm Snapdragon Chipsets Buffer Over-read Vulnerability in Camera Component

Vulnerability

Patched

A buffer over-read vulnerability has been identified in the camera component of various chipsets, including those in the Snapdragon 8 Gen 1 and 8 Gen 2 mobile platforms, as well as several other Snapdragon and Qualcomm video collaboration platforms. This vulnerability leads to memory corruption during the image encoding process, potentially causing memory corruption issues.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to arbitrary code execution or other unintended behavior by manipulating the camera's image processing functions.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm July 2025 Security Bulletin.

Added: Jul 8, 2025, 1:49 PM

Updated: Jul 8, 2025, 1:49 PM

Affected Products

Qualcomm AQT1000

Moderate fix1 remedy

cpe:2.3:h:qualcomm:aqt1000:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6200

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6200:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6700

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6700:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6800

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6800:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 6900

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm FastConnect 7800

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm QCA6391

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6391:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm QCA6420

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6420:*:*:*:*:*:*:*, +5 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm QCA6430

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qca6430:*:*:*:*:*:*:*, +5 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm QCM5430

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcm5430:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm QCM6490

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcm6490:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm QCS5430

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcs5430:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm QCS6490

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qcs6490:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm Qualcomm Video Collaboration VC3 Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc1_platform:*:*:*:*:*:*:*, +12 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm SC8180X

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sc8180:*:*:*:*:*:*:*, +15 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm SC8380XP

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sc8380xp:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm SM6250

Moderate fix1 remedy

cpe:2.3:h:qualcomm:sm6250:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm Snapdragon 7c Gen 2 Compute Platform

Moderate fix1 remedy

cpe:2.3:h:qualcomm:snapdragon_7c_compute_platform:*:*:*:*:*:*:*, +8 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm Snapdragon 8c Compute Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:*:*:*:*:*:*:*, +2 more

0 remedies

Qualcomm Snapdragon 8cx Compute Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon 8cx Gen 2 5G Compute Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon 8cx Gen 3 Compute Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3_compute:*:*:*:*:*:*:*, +4 more

0 remedies

Qualcomm WCD9340

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9340:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WCD9341

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9341:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WCD9370

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9370:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WCD9375

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9375:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WCD9380

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WCD9385

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WSA8810

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8810:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WSA8830

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WSA8835

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WSA8840

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8840:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WSA8845

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8845:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Qualcomm WSA8845H

Moderate fix1 remedy

cpe:2.3:h:qualcomm:wsa8845h:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 1.0, < 1.0.0.1

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

0.6

exploitability

3.5

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

0.6

exploitability

3.5

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.