Skip to main content

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 17:04 euvd
EUVD-2025-16704
Analysis Generated
Mar 14, 2026 - 17:04 vuln.today
CVE Published
Jun 03, 2025 - 06:15 nvd
HIGH 7.8

DescriptionCVE.org

Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.

AnalysisAI

Memory corruption vulnerability in Qualcomm's FastRPC implementation that affects local privilege escalation through malformed INIT and multimode invoke IOCTL calls. An attacker with local access and basic user privileges can trigger memory corruption to achieve code execution with elevated privileges, potentially compromising system integrity and confidentiality. The vulnerability carries a CVSS 7.8 score indicating high severity, though exploitation requires local access and authenticated session context.

Technical ContextAI

FastRPC (Fast Remote Procedure Call) is a Qualcomm proprietary inter-process communication (IPC) mechanism used extensively in Snapdragon chipsets for communication between ARM processors and Qualcomm's Hexagon Digital Signal Processors (DSPs). The vulnerability exists in the kernel-space FastRPC driver's IOCTL handler, specifically in processing INIT and multimode invoke commands. The root cause is CWE-367 (Time-of-check Time-of-use Race Condition), indicating a race condition where validation checks on IOCTL parameters occur at different times than when those parameters are actually used, allowing an attacker to modify memory between validation and use. This affects Qualcomm SDM, SM, and MSM chipset families where FastRPC is the primary DSP communication interface. The vulnerability manifests in the kernel FastRPC subsystem (typically located at /dev/adsprpc-smd) which handles both synchronous and asynchronous RPC invocations.

RemediationAI

Immediate mitigation: (1) Apply kernel security patches from Qualcomm/OEM vendor (check device security bulletin for January 2025 or later); (2) On Android, ensure device is running latest security patch level; (3) Restrict shell access and local account creation on affected devices; (4) Monitor for suspicious FastRPC IOCTL calls via audit logs if available. Long-term fix: Patch must serialize IOCTL validation and execution using proper synchronization primitives (mutexes around parameter validation and dereferencing). Workarounds if patch unavailable: Disable FastRPC subsystem entirely (breaks DSP functionality—not practical), or use LSM/SELinux policies to restrict /dev/adsprpc-smd access to trusted processes only. Vendor advisory links: Check Qualcomm Security Updates page (security.qualcomm.com) for January 2025+ bulletins, cross-reference with OEM (Samsung, Google, etc.) security updates for specific device models.

CVE-2025-21480 HIGH
8.6 Jun 03

Qualcomm GPU micronode contains a memory corruption vulnerability (CVE-2025-21480, CVSS 8.6) caused by unauthorized comm

CVE-2025-21479 HIGH
8.6 Jun 03

A second Qualcomm GPU micronode memory corruption vulnerability (CVE-2025-21479, CVSS 8.6) exists in the unauthorized co

CVE-2026-21385 HIGH POC
7.8 Mar 02

A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo

CVE-2025-21450 CRITICAL
9.1 Jul 08

Cryptographic issue occurs due to use of insecure connection method while downloading.

CVE-2024-33065 HIGH
8.4 Oct 07

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4),

CVE-2025-47345 HIGH
8.4 Jan 07

Cryptographic issue may occur while encrypting license data. [CVSS 8.4 HIGH]

CVE-2024-45552 HIGH
8.2 Apr 07

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t

CVE-2024-53026 HIGH
8.2 Jun 03

CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL

CVE-2024-53021 HIGH
8.2 Jun 03

CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processi

CVE-2024-53020 HIGH
8.2 Jun 03

CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o

CVE-2024-53019 HIGH
8.2 Jun 03

Network-based information disclosure vulnerability in RTP (Real-time Transport Protocol) packet decoding that occurs whe

CVE-2025-21427 HIGH
8.2 Jul 08

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

Share

CVE-2025-21485 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy