CVE-2025-21436

7.8 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability in Qualcomm drivers where simultaneous IOCTL calls from different threads can cause memory corruption. This could allow local attackers to escalate privileges or execute arbitrary code. Affected systems include devices with vulnerable Qualcomm components.

💻 Affected Systems

Products:
  • Qualcomm chipsets and associated drivers
Versions: Specific versions not detailed in reference; check Qualcomm April 2025 bulletin
Operating Systems: Android, Linux-based systems using Qualcomm components
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with Qualcomm hardware/drivers; exact product list requires checking vendor advisory.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation to kernel-level access leading to complete system compromise, data theft, or persistent backdoor installation.

🟠 Likely Case

Local privilege escalation allowing attackers to gain elevated permissions on the affected system.

🟢 If Mitigated

Denial of service or system instability if memory corruption occurs but exploitation fails.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to the system.
🏢 Internal Only: HIGH - Malicious insiders or compromised accounts could exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and race condition timing; CVSS 7.8 suggests significant but not trivial exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm April 2025 security bulletin for specific patched versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected components.
2. Obtain patches from device manufacturer or Qualcomm.
3. Apply patches according to vendor instructions.
4. Reboot system.

🔧 Temporary Workarounds

Restrict local user access (platform: all)

Limit local user accounts and implement least privilege to reduce attack surface.

Disable unnecessary drivers (platform: linux)

If possible, disable or blacklist vulnerable Qualcomm drivers not required for operation. Replace vulnerable_driver with the actual module name from the vendor advisory; a modprobe blacklist only prevents future loading of a loadable module and has no effect on drivers built into the kernel or already loaded, so a reboot is needed for it to take effect.

    echo 'blacklist vulnerable_driver' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Implement strict access controls and monitor for suspicious local privilege escalation attempts
  • Isolate affected systems from critical networks and implement application allowlisting

🔍 How to Verify

Check if Vulnerable:

Check system for Qualcomm components and compare versions against Qualcomm advisory

Check Version:

Check loaded driver modules via 'lsmod | grep -i qualcomm' or manufacturer-specific tools (Qualcomm kernel modules are commonly named with a qcom prefix, so 'lsmod | grep -i qcom' catches more of them); compare the reported versions against the vendor advisory.

Verify Fix Applied:

Verify patched driver versions are installed and system has been rebooted

📡 Detection & Monitoring

Log Indicators:

  • Multiple simultaneous IOCTL calls from same process
  • Driver crash logs
  • Unexpected privilege escalation events

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Process monitoring for unusual driver access patterns or privilege escalation
