CVE-2025-59617 PUBLISHED

Use After Free in Computer Vision

Assigner: qualcomm
Reserved: 18.09.2025 Published: 06.07.2026 Updated: 07.07.2026

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L
CVSS Score: 6.6

Product Status

Vendor Qualcomm, Inc.
Product Snapdragon
Versions Default: unaffected
  • Version FastConnect 6700 is affected
  • Version FastConnect 6900 is affected
  • Version FastConnect 7800 is affected
  • Version Molokai is affected
  • Version Orne is affected
  • Version Pandeiro is affected
  • Version QCM5430 is affected
  • Version QCM6490 is affected
  • Version QMP1000 is affected
  • Version QMP2001 is affected
  • Version Qualcomm Video Collaboration VC3 Platform is affected
  • Version SC8380XP is affected
  • Version SD865 5G is affected
  • Version SM6850 is affected
  • Version SM8845P is affected
  • Version Snapdragon 460 Mobile Platform is affected
  • Version Snapdragon 662 Mobile Platform is affected
  • Version Snapdragon 8 Elite Gen 5 is affected
  • Version Snapdragon AR1 Gen 1 Platform is affected
  • Version Snapdragon XR2 5G Platform is affected
  • Version Snapdragon XR2+ Gen 1 Platform is affected
  • Version SXR2230P is affected
  • Version SXR2250P is affected
  • Version WCD9370 is affected
  • Version WCD9375 is affected
  • Version WCD9378 is affected
  • Version WCD9380 is affected
  • Version WCD9385 is affected
  • Version WCD9395 is affected
  • Version WCN3950 is affected
  • Version WCN3988 is affected
  • Version WCN6450 is affected
  • Version WCN7760 is affected
  • Version WCN7860 is affected
  • Version WCN7861 is affected
  • Version WCN7880 is affected
  • Version WCN7881 is affected
  • Version WSA8810 is affected
  • Version WSA8815 is affected
  • Version WSA8830 is affected
  • Version WSA8832 is affected
  • Version WSA8835 is affected
  • Version WSA8840 is affected
  • Version WSA8845 is affected
  • Version WSA8845H is affected
  • Version WSA8850 is affected
  • Version WSA8850W is affected
  • Version WSA8855C is affected

References

Problem Types

  • CWE-416 Use After Free CWE