CVE-2025-21486

| EUVD-2025-16703 HIGH
2025-06-03 [email protected]
7.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 14, 2026 - 17:04 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 17:04 euvd
EUVD-2025-16703
CVE Published
Jun 03, 2025 - 06:15 nvd
HIGH 7.8

Tags

Buffer Overflow Memory Corruption Denial Of Service Wcn7860 Firmware Sm8750 Firmware Wcn3680b Firmware Wsa8835 Firmware Wsa8832 Firmware Wcn7750 Firmware Wsa8840 Firmware Wcd9395 Firmware Wsa8845h Firmware Wsa8830 Firmware Wsa8845 Firmware Sw5100 Firmware Wcd9378 Firmware Wcn7880 Firmware Fastconnect 6900 Firmware Wcd9385 Firmware Sxr2330p Firmware Wcn7881 Firmware Wcd9380 Firmware Wcn7861 Firmware Wcn3988 Firmware Sxr2250p Firmware Sxr2230p Firmware Wcn3660b Firmware Wcn3980 Firmware Sm8735 Firmware Sw5100p Firmware Fastconnect 7800 Firmware Qmp1000 Firmware Sm8750p Firmware

Description

Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.

Analysis

Memory corruption vulnerability in dynamic process creation functionality that occurs when a client passes only the address and length of a shell binary without proper validation or bounds checking. This vulnerability affects local attackers with limited user privileges who can exploit the memory corruption to achieve arbitrary code execution with full system impact (confidentiality, integrity, and availability compromise). The vulnerability requires local access and low complexity exploitation, making it a significant risk for multi-user systems; KEV and active exploitation status are not confirmed in available data, but the high CVSS score (7.8) and memory corruption nature suggest this warrants urgent patching.

Technical Context

This vulnerability exists in process creation APIs/syscalls that dynamically invoke shell binaries based on client-supplied parameters. The root cause is classified under CWE-822 (Improperly Controlled Object Before It Is Freed/'Use Before Free'), indicating improper memory management during the transition from user-mode client data to kernel-mode process execution. The flaw occurs because the system accepts only an address and length parameter for the shell binary without: (1) validating that the memory region remains valid and accessible throughout the operation, (2) performing bounds checking on the supplied length, or (3) properly synchronizing access to prevent use-after-free conditions. This is typical of systems that perform direct memory operations in privileged contexts based on unprivileged user input, particularly in process spawning routines where the kernel must reference user-supplied binary data. The vulnerability likely affects Unix-like systems with dynamic process creation capabilities (fork/exec patterns or equivalent syscalls).

Affected Products

Specific product names, versions, and vendors are not provided in the available data. The vulnerability description indicates this affects systems with dynamic process creation functionality, suggesting impact on: (1) Unix-like operating systems (Linux, BSD variants) with process spawning APIs, (2) Real-time operating systems with shell execution capabilities, or (3) Custom kernel implementations with process creation syscalls. Without CPE strings in provided references, affected products cannot be precisely identified. To determine affected assets, check vendor security advisories by searching for 'CVE-2025-21486' against: Linux kernel versions, BSD distributions, embedded OS platforms, and any systems exposing dynamic process creation APIs. Patch status and specific version ranges require cross-referencing with official vendor security bulletins (e.g., kernel.org, RedHat CVE database, Ubuntu Security Notices).

Remediation

Immediate remediation steps: (1) Apply security patches from your OS/product vendor when available—search vendor security advisories for CVE-2025-21486 specific patch versions and apply without delay; (2) Implement kernel/firmware updates from official sources; (3) For systems where patches are not yet available, implement access controls restricting use of dynamic process creation APIs to trusted users only (via SELinux, AppArmor, or capability-based security). Workarounds include: (1) Disabling non-essential process spawning features if application logic permits, (2) Running vulnerable services in restricted containers with reduced privilege sets, (3) Monitoring process creation syscalls for suspicious patterns via auditd/ebpf monitoring. Long-term: enable kernel address space layout randomization (ASLR), stack canaries, and execute-never (NX) protections to increase exploitation complexity. Subscribe to your vendor's security mailing lists for patch notification. Without specific vendor advisory links in provided data, consult official CVE databases (nvd.nist.gov, cisa.gov) and vendor security pages for patch download URLs and version information.

Priority Score

39
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +39
POC: 0

Share

CVE-2025-21486 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy