Nixpkgs Security Tracker

Login with GitHub

Dismissed suggestions

These automatic suggestions were dismissed after initial triaging.

to select a suggestion for revision.

View:
Compact
Detailed
Permalink CVE-2025-47383
7.2 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Missing Cryptographic Step in Data Modem

Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.

References

Affected products

Snapdragon
  • ==WCN3990
  • ==G1 Gen 1
  • ==Snapdragon X35 5G Modem-RF System
  • ==Palawan25
  • ==Snapdragon 7+ Gen 2 Mobile Platform
  • ==Snapdragon 8 Gen 1 Mobile Platform
  • ==FastConnect 7800
  • ==SDM429W
  • ==QCA6797AQ
  • ==WSA8830
  • ==SM7435
  • ==SM7675
  • ==SM7550
  • ==SM6650P
  • ==9207 LTE Modem
  • ==WSA8840
  • ==QCM5430
  • ==Vision Intelligence 400 Platform
  • ==Snapdragon 660 Mobile Platform
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==QCN9012
  • ==Snapdragon 625 Mobile Platform
  • ==Snapdragon Auto 5G Modem-RF
  • ==QCS2290
  • ==AR8035
  • ==WCD9390
  • ==WSA8815
  • ==QCS4490
  • ==CSRA6640
  • ==Snapdragon 1200 Wearable Platform
  • ==Snapdragon 4 Gen 2 Mobile Platform
  • ==SM8650Q
  • ==Qualcomm Video Collaboration VC1 Platform
  • ==Snapdragon 480 5G Mobile Platform
  • ==Snapdragon 820Am
  • ==FWA Gen 3 Ultra Platform
  • ==QCN6024
  • ==Snapdragon X53 5G Modem-RF System
  • ==WCN7861
  • ==Snapdragon 690 5G Mobile Platform
  • ==SDA660
  • ==SM7675P
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==Snapdragon 680 4G Mobile Platform
  • ==WCD9380
  • ==WCN3680B
  • ==WCD9371
  • ==FastConnect 6800
  • ==MDM9640
  • ==QCA6584
  • ==QCA6174A
  • ==QFW7124
  • ==WSA8835
  • ==QCA9377
  • ==CSRA6620
  • ==WCD9378
  • ==Snapdragon X12 LTE Modem
  • ==9206 LTE Modem
  • ==WSA8845H
  • ==WCN3950
  • ==Snapdragon 8cx Compute Platform "Poipu Pro"
  • ==QCN6274
  • ==QCM6490
  • ==Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
  • ==Snapdragon 8+ Gen 1 Mobile Platform
  • ==MDM9250
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==WCN3660B
  • ==Snapdragon 1100 Wearable Platform
  • ==SM8635P
  • ==Snapdragon 778G 5G Mobile Platform
  • ==Snapdragon 7c Compute Platform
  • ==QMP1000
  • ==5G Fixed Wireless Access Platform
  • ==WCN6650
  • ==QCA8337
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==Snapdragon 8c Compute Platform "Poipu Lite"
  • ==Snapdragon 6 Gen 1 Mobile Platform
  • ==Snapdragon X80 5G Modem-RF System
  • ==SM6250
  • ==Snapdragon 7 Gen 1 Mobile Platform
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==Snapdragon 8cx Gen 2 5G Compute Platform
  • ==QCM4490
  • ==WCD9370
  • ==WCD9360
  • ==Snapdragon Auto 5G Modem-RF Gen 2
  • ==WCD9340
  • ==WCN7860
  • ==QCC710
  • ==Vision Intelligence 200 Platform
  • ==WCD9375
  • ==Netrani
  • ==CSRB31024
  • ==Snapdragon 8 Elite
  • ==QCA6574
  • ==SDX71M
  • ==QCS8550
  • ==SD626
  • ==Snapdragon X75 5G Modem-RF System
  • ==Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
  • ==Themisto
  • ==QCA6698AU
  • ==WCD9306
  • ==Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
  • ==FSM100 Platform
  • ==WCN3988
  • ==AQT1000
  • ==WCD9330
  • ==FastConnect 6700
  • ==Robotics RB2 Platform
  • ==QCA8081
  • ==C-V2X 9150
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==SM7550P
  • ==Snapdragon 695 5G Mobile Platform
  • ==WSA8845
  • ==Smart Display 200 Platform
  • ==Snapdragon 820 Automotive Platform
  • ==QCA6696
  • ==WSA8810
  • ==SM6225P
  • ==WCN3620
  • ==SD 8 Gen1 5G
  • ==WCD9395
  • ==WCN3980
  • ==QCN6224
  • ==Snapdragon 8 Gen 3 Mobile Platform
  • ==Snapdragon 865 5G Mobile Platform
  • ==WCN7880
  • ==Snapdragon 8cx Compute Platform
  • ==WCD9335
  • ==WCD9341
  • ==QCM4325
  • ==QCA6564A
  • ==QEP8111
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==WSA8832
  • ==Vision Intelligence 100 Platform
  • ==Orne
  • ==Snapdragon 460 Mobile Platform
  • ==WCN6755
  • ==SM8635
  • ==Milos
  • ==QCA6574A
  • ==QCA6574AU
  • ==APQ8098
  • ==QCA6420
  • ==QCA6688AQ
  • ==Snapdragon 662 Mobile Platform
  • ==WCN3910
  • ==Snapdragon 888+ 5G Mobile Platform
  • ==SW5100P
  • ==FastConnect 6900
  • ==Snapdragon 782G Mobile Platform
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==Snapdragon X5 LTE Modem
  • ==SDX57M
  • ==SW6100
  • ==SW5100
  • ==QCN9024
  • ==Snapdragon X55 5G Modem-RF System
  • ==SM8750P
  • ==WCN7881
  • ==Snapdragon 870 5G Mobile Platform
  • ==SDX61
  • ==QCA6430
  • ==WCN3615
  • ==SM8475P
  • ==QCA6595AU
  • ==SnapdragonAuto 4GModem
  • ==Snapdragon 888 5G Mobile Platform
  • ==QCM2290
  • ==Snapdragon X72 5G Modem-RF System
  • ==Snapdragon X32 5G Modem-RF System
  • ==SW6100P
  • ==QCA6678AQ
  • ==SM8550P
  • ==QCA6564AU
  • ==Snapdragon 778G+ 5G Mobile Platform
  • ==WCD9385
  • ==Snapdragon W5+ Gen 1 Wearable Platform
  • ==Snapdragon X70 Modem-RF System
  • ==Qualcomm 215 Mobile Platform
  • ==SD662
  • ==QFW7114
  • ==Snapdragon X65 5G Modem-RF System
  • ==MDM9628
  • ==SM7635P
  • ==Snapdragon 429 Mobile Platform
  • ==QCA9367
  • ==SM7325P
  • ==QCA6584AU
  • ==Snapdragon 626 Mobile Platform
  • ==WCD9326
  • ==QCN9011
  • ==QCS4290
  • ==Snapdragon 685 4G Mobile Platform
  • ==MDM8207
  • ==QCA6391
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==Snapdragon 6 Gen 3 Mobile Platform
  • ==QCM6125
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47381
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Use After Free in Automotive Audio

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

References

Affected products

Snapdragon
  • ==QAM8255P
  • ==QCA6696
  • ==SA8620P
  • ==LeMansAU
  • ==QCA6595AU
  • ==QCA6595
  • ==SA8255P
  • ==SRV1M
  • ==QAMSRV1M
  • ==SA9000P
  • ==SA7255P
  • ==SA8195P
  • ==SA6155P
  • ==SA8770P
  • ==QCA9367
  • ==QCA6574
  • ==SRV1H
  • ==QCA6574AU
  • ==QCA6574A
  • ==SA7775P
  • ==QAMSRV1H
  • ==QCA6688AQ
  • ==LeMans_AU_LGIT
  • ==QCA9377
  • ==SA8155P
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47377
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Use After Free in Automotive Audio

Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.

References

Affected products

Snapdragon
  • ==G1 Gen 1
  • ==Snapdragon X35 5G Modem-RF System
  • ==FastConnect 7800
  • ==QCA6797AQ
  • ==WSA8830
  • ==SM7675
  • ==SM7550
  • ==SM6650P
  • ==SA8620P
  • ==WSA8840
  • ==LeMansAU
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==QCN9012
  • ==QCS2290
  • ==AR8035
  • ==WCD9390
  • ==WSA8815
  • ==SM8650Q
  • ==Qualcomm Video Collaboration VC1 Platform
  • ==Snapdragon 480 5G Mobile Platform
  • ==FWA Gen 3 Ultra Platform
  • ==SM7675P
  • ==WCN6450
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==SA8770P
  • ==Snapdragon 680 4G Mobile Platform
  • ==WCD9380
  • ==WCD9371
  • ==QFW7124
  • ==QCA6174A
  • ==SA7775P
  • ==WSA8835
  • ==LeMans_AU_LGIT
  • ==QCA9377
  • ==WCD9378
  • ==WSA8845H
  • ==WCN3950
  • ==SA8155P
  • ==QCN6274
  • ==Flight RB5 5G Platform
  • ==QAM8255P
  • ==SM8635P
  • ==WCN6650
  • ==QCA8337
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==QCA6595
  • ==SRV1M
  • ==QAMSRV1M
  • ==WCD9370
  • ==SA7255P
  • ==Snapdragon Auto 5G Modem-RF Gen 2
  • ==WCD9340
  • ==QCC710
  • ==WCD9375
  • ==SA8195P
  • ==QCA6574
  • ==QCS8550
  • ==Snapdragon X75 5G Modem-RF System
  • ==SRV1H
  • ==QCA6698AU
  • ==WCN3988
  • ==QCA8081
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==SM7550P
  • ==Snapdragon 695 5G Mobile Platform
  • ==WSA8845
  • ==QCA6696
  • ==WSA8810
  • ==Qualcomm Video Collaboration VC5 Platform
  • ==SXR2330P
  • ==SM6225P
  • ==WCD9395
  • ==WCN3980
  • ==QCN6224
  • ==SA9000P
  • ==Snapdragon 8 Gen 3 Mobile Platform
  • ==QCM4325
  • ==QEP8111
  • ==WSA8832
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==WCN6755
  • ==Snapdragon 460 Mobile Platform
  • ==SM8635
  • ==Milos
  • ==QCA6574A
  • ==QCA6574AU
  • ==QCA6688AQ
  • ==Snapdragon 662 Mobile Platform
  • ==WCN3910
  • ==SW5100P
  • ==FastConnect 6900
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==QAM8295P
  • ==Robotics RB5 Platform
  • ==QAMSRV1H
  • ==SW5100
  • ==QCA8695AU
  • ==QCA6595AU
  • ==QCM2290
  • ==SA8255P
  • ==Snapdragon X72 5G Modem-RF System
  • ==Snapdragon X32 5G Modem-RF System
  • ==QCA6678AQ
  • ==SXR2350P
  • ==SM8550P
  • ==WCD9385
  • ==Snapdragon W5+ Gen 1 Wearable Platform
  • ==QRB5165N
  • ==SD662
  • ==QFW7114
  • ==SA6155P
  • ==SM7635P
  • ==QCA9367
  • ==QCA6584AU
  • ==QCN9011
  • ==SA8295P
  • ==QCS4290
  • ==Snapdragon 685 4G Mobile Platform
  • ==QCA6391
  • ==QCM6125
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47375
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Use After Free in Automotive Audio

Memory corruption while handling different IOCTL calls from the user-space simultaneously.

References

Affected products

Snapdragon
  • ==WCN3990
  • ==G1 Gen 1
  • ==Snapdragon X35 5G Modem-RF System
  • ==FastConnect 7800
  • ==QCA6797AQ
  • ==WSA8830
  • ==SM7675
  • ==SM7550
  • ==SM6650P
  • ==SA8620P
  • ==WSA8840
  • ==QCM5430
  • ==LeMansAU
  • ==Snapdragon 660 Mobile Platform
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==QCN9012
  • ==Snapdragon Auto 5G Modem-RF
  • ==QCS2290
  • ==AR8035
  • ==WCD9390
  • ==WSA8815
  • ==QRB5165M
  • ==CSRA6640
  • ==SM8650Q
  • ==Qualcomm Video Collaboration VC1 Platform
  • ==Snapdragon 480 5G Mobile Platform
  • ==FWA Gen 3 Ultra Platform
  • ==Snapdragon X53 5G Modem-RF System
  • ==Snapdragon 690 5G Mobile Platform
  • ==SDA660
  • ==SM7675P
  • ==WCN6450
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==SA8770P
  • ==Snapdragon 680 4G Mobile Platform
  • ==WCD9380
  • ==WCN3680B
  • ==WCD9371
  • ==FastConnect 6800
  • ==QFW7124
  • ==QCA6174A
  • ==SA7775P
  • ==SA8145P
  • ==WSA8835
  • ==LeMans_AU_LGIT
  • ==QCA9377
  • ==CSRA6620
  • ==WCD9378
  • ==Snapdragon X12 LTE Modem
  • ==WSA8845H
  • ==WCN3950
  • ==SA8155P
  • ==QCN6274
  • ==QCM6490
  • ==Snapdragon XR2 5G Platform
  • ==Flight RB5 5G Platform
  • ==MDM9250
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==WCN3660B
  • ==QAM8255P
  • ==SM8635P
  • ==Snapdragon 778G 5G Mobile Platform
  • ==WCN6650
  • ==QCA8337
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==QCA6595
  • ==SRV1M
  • ==QAMSRV1M
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==WCD9370
  • ==SA7255P
  • ==Snapdragon Auto 5G Modem-RF Gen 2
  • ==WCD9340
  • ==QCC710
  • ==WCD9375
  • ==SA8195P
  • ==QCA6574
  • ==Snapdragon X75 5G Modem-RF System
  • ==SRV1H
  • ==QCA6698AU
  • ==WCN3988
  • ==FastConnect 6700
  • ==Robotics RB2 Platform
  • ==SA8150P
  • ==QCA8081
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==SM7550P
  • ==Snapdragon 695 5G Mobile Platform
  • ==WSA8845
  • ==QCA6696
  • ==WSA8810
  • ==Qualcomm Video Collaboration VC5 Platform
  • ==SM6225P
  • ==SA6145P
  • ==SD865 5G
  • ==WCD9395
  • ==WCN3980
  • ==QCN6224
  • ==SA9000P
  • ==Snapdragon 8 Gen 3 Mobile Platform
  • ==Snapdragon 865 5G Mobile Platform
  • ==WCD9341
  • ==WCD9335
  • ==QCM4325
  • ==QCA6564A
  • ==QEP8111
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==WSA8832
  • ==WCN6755
  • ==Snapdragon 460 Mobile Platform
  • ==SM8635
  • ==Milos
  • ==QCA6574A
  • ==QCA6574AU
  • ==QCA6688AQ
  • ==Snapdragon 662 Mobile Platform
  • ==WCN3910
  • ==Snapdragon 888+ 5G Mobile Platform
  • ==SW5100P
  • ==FastConnect 6900
  • ==SA4155P
  • ==Snapdragon 782G Mobile Platform
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==QAM8295P
  • ==Robotics RB5 Platform
  • ==QAMSRV1H
  • ==QCA2066
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==SW5100
  • ==Snapdragon X55 5G Modem-RF System
  • ==QCA8695AU
  • ==Snapdragon 870 5G Mobile Platform
  • ==WCN3615
  • ==QCA6595AU
  • ==Snapdragon 888 5G Mobile Platform
  • ==QCM2290
  • ==SA8255P
  • ==Snapdragon X72 5G Modem-RF System
  • ==Snapdragon X32 5G Modem-RF System
  • ==QCA6678AQ
  • ==SA4150P
  • ==SM8550P
  • ==QCA6564AU
  • ==Snapdragon 778G+ 5G Mobile Platform
  • ==WCD9385
  • ==Snapdragon W5+ Gen 1 Wearable Platform
  • ==QRB5165N
  • ==Qualcomm 215 Mobile Platform
  • ==SD662
  • ==QFW7114
  • ==SA6155P
  • ==MDM9628
  • ==SM7635P
  • ==QCA9367
  • ==SM7325P
  • ==QCA6584AU
  • ==WCD9326
  • ==QCN9011
  • ==SA8295P
  • ==QCS4290
  • ==Snapdragon 685 4G Mobile Platform
  • ==QCA6391
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==AR8031
  • ==SA6150P
  • ==Smart Audio 400 Platform
  • ==QCM6125
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47385
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Improper Access Control for Register Interface in SCE-Mink

Memory Corruption when accessing trusted execution environment without proper privilege check.

References

Affected products

Snapdragon
  • ==Palawan25
  • ==FastConnect 7800
  • ==QXM1083
  • ==QCA6797AQ
  • ==Pandeiro
  • ==SM7435
  • ==WSA8830
  • ==SA8620P
  • ==WSA8840
  • ==LeMansAU
  • ==QXM1096
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==SAR2230P
  • ==WSA8815
  • ==Snapdragon 4 Gen 2 Mobile Platform
  • ==QLN1083BD
  • ==Snapdragon 480 5G Mobile Platform
  • ==WCN7861
  • ==WCN6450
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==SA8770P
  • ==WCD9380
  • ==SA7775P
  • ==WSA8835
  • ==LeMans_AU_LGIT
  • ==QCA9377
  • ==WCD9378
  • ==QXM1086
  • ==WCN3950
  • ==WSA8845H
  • ==SA8155P
  • ==QAM8255P
  • ==QPA1083BD
  • ==QMP1000
  • ==QCA6595
  • ==Snapdragon 6 Gen 1 Mobile Platform
  • ==SRV1M
  • ==QAMSRV1M
  • ==Snapdragon AR1+ Gen 1 Platform
  • ==WCD9370
  • ==SA7255P
  • ==WCN7860
  • ==WCD9375
  • ==SA8195P
  • ==Netrani
  • ==Snapdragon 8 Elite
  • ==QCA6574
  • ==SRV1H
  • ==QPA1086BD
  • ==WCN3988
  • ==G2 Gen 1
  • ==FastConnect 6700
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==Snapdragon 695 5G Mobile Platform
  • ==WSA8845
  • ==QCA6696
  • ==WSA8810
  • ==SXR2330P
  • ==QXM1095
  • ==WCD9395
  • ==SAR1250P
  • ==SA9000P
  • ==WCN7880
  • ==WSA8832
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==WCN6755
  • ==Orne
  • ==QXM1093
  • ==Milos
  • ==QCA6574A
  • ==QCA6574AU
  • ==QCA6688AQ
  • ==SW5100P
  • ==FastConnect 6900
  • ==QAM8295P
  • ==QAMSRV1H
  • ==QLN1086BD
  • ==SW5100
  • ==SM8750P
  • ==QCA8695AU
  • ==WCN7881
  • ==QCA6595AU
  • ==SA8255P
  • ==SXR2350P
  • ==WCD9385
  • ==Snapdragon W5+ Gen 1 Wearable Platform
  • ==SAR1165P
  • ==QXM1094
  • ==SA6155P
  • ==QCA9367
  • ==SA8295P
  • ==Snapdragon 6 Gen 3 Mobile Platform
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47384
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Reachable Assertion in FW

Transient DOS when MAC configures config id greater than supported maximum value.

References

Affected products

Snapdragon
  • ==QCM6490
  • ==FastConnect 6700
  • ==SDX57M
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==Snapdragon X55 5G Modem-RF System
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==WSA8830
  • ==Snapdragon 695 5G Mobile Platform
  • ==Snapdragon 778G 5G Mobile Platform
  • ==QCA6696
  • ==5G Fixed Wireless Access Platform
  • ==WSA8810
  • ==Snapdragon 870 5G Mobile Platform
  • ==QCM5430
  • ==QCA6595AU
  • ==Snapdragon 888 5G Mobile Platform
  • ==Snapdragon Auto 5G Modem-RF
  • ==WSA8815
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==WCD9370
  • ==WCD9360
  • ==WCD9385
  • ==Snapdragon 778G+ 5G Mobile Platform
  • ==Snapdragon 480 5G Mobile Platform
  • ==Snapdragon X53 5G Modem-RF System
  • ==Snapdragon 865 5G Mobile Platform
  • ==Snapdragon 690 5G Mobile Platform
  • ==WCD9375
  • ==WCD9341
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==WCD9380
  • ==SM7325P
  • ==FastConnect 6800
  • ==QCA6574A
  • ==WSA8835
  • ==Snapdragon 888+ 5G Mobile Platform
  • ==FastConnect 6900
  • ==QCA6391
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==Snapdragon 782G Mobile Platform
  • ==WCN3988
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47373
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Out-of-bounds Write in Automotive

Memory Corruption when accessing buffers with invalid length during TA invocation.

References

Affected products

Snapdragon
  • ==X2000092
  • ==G1 Gen 1
  • ==Snapdragon X35 5G Modem-RF System
  • ==Palawan25
  • ==Snapdragon 7+ Gen 2 Mobile Platform
  • ==IQ8 Series Platform
  • ==FastConnect 7800
  • ==Snapdragon 8 Gen 1 Mobile Platform
  • ==QXM1083
  • ==QCA6797AQ
  • ==Pandeiro
  • ==SM7435
  • ==WSA8830
  • ==SM7675
  • ==SM7550
  • ==SM6650P
  • ==SA8620P
  • ==QAM8620P
  • ==WSA8840
  • ==QCM5430
  • ==LeMansAU
  • ==QXM1096
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==Snapdragon AR1 Gen 1 Platform
  • ==SAR2230P
  • ==QCN9012
  • ==X2000086
  • ==AR8035
  • ==Cologne
  • ==WCD9390
  • ==WSA8815
  • ==QCS4490
  • ==Snapdragon 4 Gen 2 Mobile Platform
  • ==SM8650Q
  • ==QLN1083BD
  • ==Snapdragon 480 5G Mobile Platform
  • ==FWA Gen 3 Ultra Platform
  • ==WCN7861
  • ==SM7675P
  • ==WCN6450
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==SA8770P
  • ==Snapdragon 680 4G Mobile Platform
  • ==SRV1L
  • ==WCD9380
  • ==WCD9371
  • ==QFW7124
  • ==QCA6174A
  • ==SA7775P
  • ==SA8145P
  • ==WSA8835
  • ==LeMans_AU_LGIT
  • ==QRU1032
  • ==WCD9378
  • ==QXM1086
  • ==Snapdragon 8 Elite Gen 5
  • ==WCN3950
  • ==WSA8845H
  • ==SA8155P
  • ==QCN6274
  • ==QCM6490
  • ==Snapdragon 8+ Gen 1 Mobile Platform
  • ==QAM8255P
  • ==QPA1083BD
  • ==SXR2230P
  • ==SM8635P
  • ==QMP1000
  • ==WCN6650
  • ==QCA8337
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==QCA6595
  • ==Snapdragon 6 Gen 1 Mobile Platform
  • ==SRV1M
  • ==QAMSRV1M
  • ==Snapdragon 7 Gen 1 Mobile Platform
  • ==Snapdragon AR1+ Gen 1 Platform
  • ==QCM4490
  • ==WCD9370
  • ==XG101032
  • ==X2000077
  • ==SA7255P
  • ==Snapdragon Auto 5G Modem-RF Gen 2
  • ==Qualcomm Dragonwing X100 Accelerator Card
  • ==QCC710
  • ==WCD9340
  • ==WCD9375
  • ==SA8195P
  • ==WCN7860
  • ==Netrani
  • ==Snapdragon 8 Elite
  • ==QCA6574
  • ==QCS8550
  • ==Snapdragon X75 5G Modem-RF System
  • ==IQ9 Series Platform
  • ==SRV1H
  • ==Themisto
  • ==QPA1086BD
  • ==SAR2130P
  • ==QCA6698AU
  • ==WCN3988
  • ==G2 Gen 1
  • ==X2000094
  • ==FastConnect 6700
  • ==SA8150P
  • ==QCA8081
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==SXR2250P
  • ==SM7550P
  • ==Snapdragon 695 5G Mobile Platform
  • ==WSA8845
  • ==QDX1010
  • ==X2000090
  • ==QCA6696
  • ==WSA8810
  • ==SXR2330P
  • ==SM6225P
  • ==SA6145P
  • ==QXM1095
  • ==SD 8 Gen1 5G
  • ==WCD9395
  • ==SAR1250P
  • ==XG101039
  • ==QCN6224
  • ==SA9000P
  • ==Snapdragon 8 Gen 3 Mobile Platform
  • ==WCN7880
  • ==QCM4325
  • ==SC8380XP
  • ==QEP8111
  • ==WSA8832
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==WCN6755
  • ==Orne
  • ==Snapdragon 460 Mobile Platform
  • ==QXM1093
  • ==SM8635
  • ==Milos
  • ==QCA6574A
  • ==QCA6574AU
  • ==QCA6688AQ
  • ==Snapdragon 662 Mobile Platform
  • ==WCN3910
  • ==FastConnect 6900
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==QAM8295P
  • ==QAMSRV1H
  • ==IQ6 Series Platform
  • ==XG101002
  • ==QLN1086BD
  • ==SW6100
  • ==WCD9378C
  • ==SM8750P
  • ==QCA8695AU
  • ==SA8540P
  • ==WCN7881
  • ==SM8475P
  • ==QCA6595AU
  • ==Qualcomm Dragonwing QRU100 Platform
  • ==SA8255P
  • ==Snapdragon X72 5G Modem-RF System
  • ==Snapdragon X32 5G Modem-RF System
  • ==SW6100P
  • ==QCA6678AQ
  • ==SXR2350P
  • ==SM8550P
  • ==WCD9385
  • ==QCA0000
  • ==SAR1165P
  • ==QXM1094
  • ==QDX1011
  • ==SD662
  • ==QFW7114
  • ==SA6155P
  • ==SM7635P
  • ==QCA6584AU
  • ==QCN9011
  • ==SA8295P
  • ==QCS4290
  • ==Snapdragon 685 4G Mobile Platform
  • ==QCA6391
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==SA6150P
  • ==Monaco_IOT
  • ==Snapdragon 6 Gen 3 Mobile Platform
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-59603
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Out-of-bounds Write in Computer Vision

Memory Corruption when processing invalid user address with nonstandard buffer address.

References

Affected products

Snapdragon
  • ==X2000092
  • ==X2000094
  • ==Snapdragon XR2 5G Platform
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==WCD9378C
  • ==FastConnect 7800
  • ==SXR2250P
  • ==WSA8830
  • ==SXR2230P
  • ==WSA8845
  • ==X2000090
  • ==WSA8810
  • ==WSA8840
  • ==X2000086
  • ==SD865 5G
  • ==Cologne
  • ==WSA8815
  • ==XG101039
  • ==XG101032
  • ==X2000077
  • ==WCD9385
  • ==QCA0000
  • ==SC8380XP
  • ==WSA8832
  • ==WCD9380
  • ==WSA8835
  • ==FastConnect 6900
  • ==WSA8845H
  • ==XG101002
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47376
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Use After Free in Automotive Audio

Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.

References

Affected products

Snapdragon
  • ==WCN3990
  • ==G1 Gen 1
  • ==Snapdragon X35 5G Modem-RF System
  • ==FastConnect 7800
  • ==QCA6797AQ
  • ==WSA8830
  • ==SM7675
  • ==SM7550
  • ==SM6650P
  • ==SA8620P
  • ==WSA8840
  • ==QCM5430
  • ==LeMansAU
  • ==Snapdragon 660 Mobile Platform
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==QCN9012
  • ==Snapdragon Auto 5G Modem-RF
  • ==QCS2290
  • ==AR8035
  • ==WCD9390
  • ==WSA8815
  • ==QRB5165M
  • ==CSRA6640
  • ==SM8650Q
  • ==Qualcomm Video Collaboration VC1 Platform
  • ==Snapdragon 480 5G Mobile Platform
  • ==FWA Gen 3 Ultra Platform
  • ==Snapdragon X53 5G Modem-RF System
  • ==Snapdragon 690 5G Mobile Platform
  • ==SDA660
  • ==SM7675P
  • ==WCN6450
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==SA8770P
  • ==Snapdragon 680 4G Mobile Platform
  • ==WCD9380
  • ==WCN3680B
  • ==WCD9371
  • ==FastConnect 6800
  • ==QFW7124
  • ==QCA6174A
  • ==SA7775P
  • ==SA8145P
  • ==WSA8835
  • ==LeMans_AU_LGIT
  • ==QCA9377
  • ==CSRA6620
  • ==WCD9378
  • ==Snapdragon X12 LTE Modem
  • ==WSA8845H
  • ==WCN3950
  • ==SA8155P
  • ==QCN6274
  • ==QCM6490
  • ==Snapdragon XR2 5G Platform
  • ==Flight RB5 5G Platform
  • ==MDM9250
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==WCN3660B
  • ==QAM8255P
  • ==SM8635P
  • ==Snapdragon 778G 5G Mobile Platform
  • ==WCN6650
  • ==QCA8337
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==QCA6595
  • ==SRV1M
  • ==QAMSRV1M
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==WCD9370
  • ==SA7255P
  • ==Snapdragon Auto 5G Modem-RF Gen 2
  • ==WCD9340
  • ==QCC710
  • ==WCD9375
  • ==SA8195P
  • ==QCA6574
  • ==QCS8550
  • ==Snapdragon X75 5G Modem-RF System
  • ==SRV1H
  • ==QCA6698AU
  • ==WCN3988
  • ==FastConnect 6700
  • ==Robotics RB2 Platform
  • ==SA8150P
  • ==QCA8081
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==SM7550P
  • ==Snapdragon 695 5G Mobile Platform
  • ==WSA8845
  • ==QCA6696
  • ==WSA8810
  • ==Qualcomm Video Collaboration VC5 Platform
  • ==SM6225P
  • ==SA6145P
  • ==SD865 5G
  • ==WCD9395
  • ==WCN3980
  • ==QCN6224
  • ==SA9000P
  • ==Snapdragon 8 Gen 3 Mobile Platform
  • ==Snapdragon 865 5G Mobile Platform
  • ==WCD9341
  • ==WCD9335
  • ==QCM4325
  • ==QCA6564A
  • ==QEP8111
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==WSA8832
  • ==WCN6755
  • ==Snapdragon 460 Mobile Platform
  • ==SM8635
  • ==Milos
  • ==QCA6574A
  • ==QCA6574AU
  • ==QCA6688AQ
  • ==Snapdragon 662 Mobile Platform
  • ==WCN3910
  • ==Snapdragon 888+ 5G Mobile Platform
  • ==SW5100P
  • ==FastConnect 6900
  • ==SA4155P
  • ==Snapdragon 782G Mobile Platform
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==QAM8295P
  • ==Robotics RB5 Platform
  • ==QAMSRV1H
  • ==QCA2066
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==SW5100
  • ==Snapdragon X55 5G Modem-RF System
  • ==QCA8695AU
  • ==Snapdragon 870 5G Mobile Platform
  • ==WCN3615
  • ==QCA6595AU
  • ==Snapdragon 888 5G Mobile Platform
  • ==QCM2290
  • ==SA8255P
  • ==Snapdragon X72 5G Modem-RF System
  • ==Snapdragon X32 5G Modem-RF System
  • ==QCA6678AQ
  • ==SA4150P
  • ==SM8550P
  • ==QCA6564AU
  • ==Snapdragon 778G+ 5G Mobile Platform
  • ==WCD9385
  • ==Snapdragon W5+ Gen 1 Wearable Platform
  • ==QRB5165N
  • ==Qualcomm 215 Mobile Platform
  • ==SD662
  • ==QFW7114
  • ==SA6155P
  • ==MDM9628
  • ==SM7635P
  • ==QCA9367
  • ==SM7325P
  • ==QCA6584AU
  • ==WCD9326
  • ==QCN9011
  • ==SA8295P
  • ==QCS4290
  • ==Snapdragon 685 4G Mobile Platform
  • ==QCA6391
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==AR8031
  • ==SA6150P
  • ==Smart Audio 400 Platform
  • ==QCM6125
Ignored packages (1) 
Not present in nixpkgs
Permalink CVE-2025-47371
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
updated 2 weeks, 6 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 6 days ago
  • @LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
  • @LeSuisse dismissed 2 weeks, 6 days ago
Reachable Assertion in Modem

Transient DOS when an LTE RLC packet with invalid TB is received by UE.

References

Affected products

Snapdragon
  • ==G1 Gen 1
  • ==Palawan25
  • ==Snapdragon 7+ Gen 2 Mobile Platform
  • ==Snapdragon 8 Gen 1 Mobile Platform
  • ==FastConnect 7800
  • ==QCA6797AQ
  • ==WSA8830
  • ==SM7435
  • ==SM7675
  • ==SM7550
  • ==SM6650P
  • ==WSA8840
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==QCN9012
  • ==Snapdragon Auto 5G Modem-RF
  • ==QCS2290
  • ==AR8035
  • ==WCD9390
  • ==WSA8815
  • ==QCS4490
  • ==CSRA6640
  • ==Snapdragon 4 Gen 2 Mobile Platform
  • ==SM8650Q
  • ==FWA Gen 3 Ultra Platform
  • ==QCN6024
  • ==WCN7861
  • ==Snapdragon 690 5G Mobile Platform
  • ==SM7675P
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==Snapdragon 680 4G Mobile Platform
  • ==WCD9380
  • ==WCD9371
  • ==FastConnect 6800
  • ==QFW7124
  • ==QCA6174A
  • ==WSA8835
  • ==CSRA6620
  • ==WCD9378
  • ==WSA8845H
  • ==WCN3950
  • ==QCN6274
  • ==Snapdragon 8+ Gen 1 Mobile Platform
  • ==SM8635P
  • ==Snapdragon 7c Compute Platform
  • ==QMP1000
  • ==5G Fixed Wireless Access Platform
  • ==WCN6650
  • ==QCA8337
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==Snapdragon 6 Gen 1 Mobile Platform
  • ==Snapdragon X80 5G Modem-RF System
  • ==SM6250
  • ==Snapdragon 7 Gen 1 Mobile Platform
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==QCM4490
  • ==WCD9370
  • ==WCD9360
  • ==Snapdragon Auto 5G Modem-RF Gen 2
  • ==WCD9340
  • ==WCN7860
  • ==QCC710
  • ==WCD9375
  • ==Netrani
  • ==Snapdragon 8 Elite
  • ==SDX71M
  • ==QCS8550
  • ==Snapdragon X75 5G Modem-RF System
  • ==QCA6698AU
  • ==Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
  • ==WCN3988
  • ==FastConnect 6700
  • ==Robotics RB2 Platform
  • ==QCA8081
  • ==SM7550P
  • ==WSA8845
  • ==QCA6696
  • ==WSA8810
  • ==SM6225P
  • ==SD 8 Gen1 5G
  • ==WCD9395
  • ==QCN6224
  • ==Snapdragon 8 Gen 3 Mobile Platform
  • ==Snapdragon 865 5G Mobile Platform
  • ==WCN7880
  • ==WCD9341
  • ==WCD9335
  • ==QCM4325
  • ==WSA8832
  • ==FastConnect 6200
  • ==QCA6698AQ
  • ==WCN6755
  • ==Orne
  • ==Snapdragon 460 Mobile Platform
  • ==SM8635
  • ==Milos
  • ==QCA6574A
  • ==QCA6574AU
  • ==QCA6688AQ
  • ==Snapdragon 662 Mobile Platform
  • ==WCN3910
  • ==FastConnect 6900
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==QCN9024
  • ==Snapdragon X55 5G Modem-RF System
  • ==SM8750P
  • ==WCN7881
  • ==Snapdragon 870 5G Mobile Platform
  • ==SDX61
  • ==SM8475P
  • ==QCA6595AU
  • ==QCM2290
  • ==Snapdragon X72 5G Modem-RF System
  • ==QCA6678AQ
  • ==SM8550P
  • ==WCD9385
  • ==SD662
  • ==QFW7114
  • ==Snapdragon X65 5G Modem-RF System
  • ==SM7635P
  • ==QCA6584AU
  • ==QCN9011
  • ==QCS4290
  • ==Snapdragon 685 4G Mobile Platform
  • ==QCA6391
  • ==Snapdragon 6 Gen 3 Mobile Platform
Ignored packages (1) 
Not present in nixpkgs