CVE-2025-27053Incorrect Calculation of Buffer Size in INC Snapdragon

CWE-131Incorrect Calculation of Buffer SizeCWE-476NULL Pointer Dereference4 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Qualcomm INC SnapdragonGoogle AndroidMsrc Azl3 Hyperv-daemons 6.6.22.1-2 ON Azure Linux 3.0+3 more
Timeline
PublishedOct 9
Latest updateDec 1

Description

Memory corruption during PlayReady APP usecase while processing TA commands.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

CVEListV5qualcomm_inc/snapdragon314 versions+313

🔴Vulnerability Details

1
GHSA
GHSA-jgwx-g3h6-cg8j: Memory corruption during PlayReady APP usecase while processing TA commands2025-10-09

📋Vendor Advisories

2
Android
CVE-2025-27053: Closed-source component2025-12-01
Microsoft
wifi: wilc1000: fix RCU usage in connect path2024-05-14