Memory Corruption in Qualcomm Products due to IOCTL Call Processing
CVE-2025-59617

6.6MEDIUM

Key Information:

Vendor

Qualcomm

Vendor
CVE Published:
6 July 2026

What is CVE-2025-59617?

A memory corruption vulnerability exists in Qualcomm products when processing multiple IOCTL calls using the same buffer file descriptor input. This flaw can potentially be exploited by attackers to impact the integrity of the system and cause unpredictable behavior in affected systems. Proper handling and validation measures must be implemented to mitigate this risk. Refer to Qualcomm's security bulletins for ongoing updates and patches related to this vulnerability.

Affected Version(s)

Snapdragon Snapdragon CCW FastConnect 6700

Snapdragon Snapdragon CCW FastConnect 6900

Snapdragon Snapdragon CCW FastConnect 7800

References

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.