Primary

Context

Qualcomm Products Out-of-Bounds Write Vulnerability in Audio Component

Vulnerability

A memory corruption vulnerability has been identified in various chipsets by Qualcomm, including those used in mobile platforms, automotive applications, and audio processing. This vulnerability arises from an out-of-bounds write during the management of MFC channel configurations while music is being played back. The issue has been reported and acknowledged by Qualcomm, and it affects several different chipsets, including those in the Snapdragon series and other Qualcomm platforms.

Impact

Exploitation of this vulnerability leads to memory corruption, which can potentially be manipulated to execute arbitrary code or cause a denial-of-service condition by crashing the application or system.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm December 2025 Security Bulletin.

Added: Dec 18, 2025, 6:57 AM

Updated: Dec 18, 2025, 6:57 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

1.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

1.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Products Out-of-Bounds Write Vulnerability in Audio Component

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating