Memory Corruption Vulnerability in Qualcomm Camera Processing Software
CVE-2025-21426

6.6MEDIUM

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-21426?

A vulnerability has been identified in Qualcomm's camera processing software that involves memory corruption during the handling of camera TPG write requests. This flaw can lead to unpredictable behavior, potentially allowing an attacker to exploit the situation to compromise device functionality and security. It is crucial for users to ensure their devices are updated to protect against potential exploitation.

Affected Version(s)

Snapdragon Snapdragon Compute FastConnect 7800

Snapdragon Snapdragon Compute Snapdragon AR1 Gen 1 Platform

Snapdragon Snapdragon Compute Snapdragon AR1 Gen 1 Platform "Luna1"

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Dec 18, 2024