Buffer Over-read in Data HLOS - LNX
CVE-2025-21427

8.2HIGH

Key Information:

Vendor

Qualcomm
Status
Snapdragon
Vendor
CVE Published:
8 July 2025

What is CVE-2025-21427?

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

Affected Version(s)

Snapdragon Snapdragon Auto APQ8064AU

Snapdragon Snapdragon Auto AQT1000

Snapdragon Snapdragon Auto FastConnect 6200

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-21427 : Information Disclosure in Qualcomm RTP Packet Processing