Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to vulnerabilities
High

Qualcomm Data HLOS - LNX RTP Packet Buffer Over-read Information Disclosure

IdentifiersCVE-2025-21427CWE-126· Buffer Over-read

CVE-2025-21427 is an information disclosure vulnerability in Qualcomm's Data HLOS - LNX subsystem triggered while decoding RTP packet payloads received from the network. Based on the provided content, the issue is a buffer over-read in the RTP packet parser caused by improper validation of RTP header fields, specifically failure to correctly validate the declared CSRC count against the actual packet or payload length. A specially crafted RTP packet can cause the parser to read beyond the end of the allocated buffer into adjacent memory, resulting in unintended disclosure of process memory contents.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial
ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can disclose sensitive memory contents from the affected component without requiring authentication or user interaction. The exposed data may include confidential material such as cryptographic keys, authentication tokens, or other adjacent memory-resident information. Because the flaw is network-reachable via crafted RTP traffic and is described as leaving minimal forensic traces, it may enable stealthy intelligence collection against affected devices.

Mitigation

If you can’t patch tonight, do this now.

If patches are not yet available, reduce exposure of vulnerable RTP-processing paths to untrusted networks and untrusted RTP sources where operationally feasible. Limit network reachability to services or components that accept RTP traffic, segment affected devices, and disable or restrict unnecessary RTP-dependent functionality until patched. Prioritize patching internet-exposed, carrier-facing, and high-value devices that process network-delivered media traffic.

Remediation

Patch, then assume compromise.

Apply Qualcomm's July 2025 security fixes or later vendor/OEM firmware updates for affected products. Because Qualcomm components are typically delivered through downstream device manufacturers and platform integrators, remediation requires installing the relevant OEM-provided patches for impacted Android, Linux, RTOS, modem, wireless, automotive, or IoT deployments. Verify firmware and security patch levels against Qualcomm's July 2025 bulletin and vendor advisories.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
Qualcomm205 Mobile Firmwareoperating_system
Qualcomm215 Mobile Firmwareoperating_system
QualcommApq8064au Firmwareoperating_system
QualcommAqt1000 Firmwareoperating_system
QualcommFastconnect 6200 Firmwareoperating_system
QualcommFastconnect 6700 Firmwareoperating_system
QualcommFastconnect 6800 Firmwareoperating_system
QualcommFastconnect 6900 Firmwareoperating_system
QualcommFastconnect 7800 Firmwareoperating_system
QualcommMsm8996au Firmwareoperating_system
QualcommQam8255p Firmwareoperating_system
QualcommQam8295p Firmwareoperating_system
QualcommQam8650p Firmwareoperating_system
QualcommQam8775p Firmwareoperating_system
QualcommQca6310 Firmwareoperating_system
QualcommQca6320 Firmwareoperating_system
QualcommQca6335 Firmwareoperating_system
QualcommQca6391 Firmwareoperating_system
QualcommQca6420 Firmwareoperating_system
QualcommQca6426 Firmwareoperating_system
QualcommQca6430 Firmwareoperating_system
QualcommQca6436 Firmwareoperating_system
QualcommQca6564 Firmwareoperating_system
QualcommQca6564a Firmwareoperating_system
QualcommQca6564au Firmwareoperating_system
QualcommQca6574 Firmwareoperating_system
QualcommQca6574a Firmwareoperating_system
QualcommQca6574au Firmwareoperating_system
QualcommQca6595 Firmwareoperating_system
QualcommQca6595au Firmwareoperating_system
QualcommQca6678aq Firmwareoperating_system
QualcommQca6688aq Firmwareoperating_system
QualcommQca6696 Firmwareoperating_system
QualcommQca6698aq Firmwareoperating_system
QualcommQca6797aq Firmwareoperating_system
QualcommQcm5430 Firmwareoperating_system
QualcommQcm6125 Firmwareoperating_system
QualcommQcm6490 Firmwareoperating_system
QualcommQcm8550 Firmwareoperating_system
QualcommQcn9274 Firmwareoperating_system
QualcommQcs410 Firmwareoperating_system
QualcommQcs4490 Firmwareoperating_system
QualcommQcs5430 Firmwareoperating_system
QualcommQcs610 Firmwareoperating_system
QualcommQcs6125 Firmwareoperating_system
QualcommQcs615 Firmwareoperating_system
QualcommQcs6490 Firmwareoperating_system
QualcommQcs8300 Firmwareoperating_system
QualcommQcs8550 Firmwareoperating_system
QualcommQcs9100 Firmwareoperating_system
QualcommRobotics Rb3 Firmwareoperating_system
QualcommSa4150p Firmwareoperating_system
QualcommSa4155p Firmwareoperating_system
QualcommSa6145p Firmwareoperating_system
QualcommSa6150p Firmwareoperating_system
QualcommSa6155 Firmwareoperating_system
QualcommSa6155p Firmwareoperating_system
QualcommSa7255p Firmwareoperating_system
QualcommSa7775p Firmwareoperating_system
QualcommSa8145p Firmwareoperating_system
QualcommSa8150p Firmwareoperating_system
QualcommSa8155 Firmwareoperating_system
QualcommSa8155p Firmwareoperating_system
QualcommSa8195p Firmwareoperating_system
QualcommSa8255p Firmwareoperating_system
QualcommSa8295p Firmwareoperating_system
QualcommSa8620p Firmwareoperating_system
QualcommSa8650p Firmwareoperating_system
QualcommSa8775p Firmwareoperating_system
QualcommSa9000p Firmwareoperating_system
QualcommSd 8 Gen1 5g Firmwareoperating_system
QualcommSd626 Firmwareoperating_system
QualcommSd660 Firmwareoperating_system
QualcommSd670 Firmwareoperating_system
QualcommSd730 Firmwareoperating_system
QualcommSd835 Firmwareoperating_system
QualcommSd855 Firmwareoperating_system
QualcommSd865 5g Firmwareoperating_system
QualcommSd888 Firmwareoperating_system
QualcommSdm429w Firmwareoperating_system
QualcommSdx55 Firmwareoperating_system
QualcommSg4150p Firmwareoperating_system
QualcommSm4125 Firmwareoperating_system
QualcommSm6250 Firmwareoperating_system
QualcommSm6370 Firmwareoperating_system
QualcommSm7315 Firmwareoperating_system
QualcommSm7325p Firmwareoperating_system
QualcommSm8550p Firmwareoperating_system
QualcommSmart Display 200 Firmwareoperating_system
QualcommSmart Display 200 Platform Firmwareoperating_system
QualcommSnapdragon 210 Firmwareoperating_system
QualcommSnapdragon 212 Mobile Firmwareoperating_system
QualcommSnapdragon 4 Gen 1 Mobile Firmwareoperating_system
QualcommSnapdragon 4 Gen 2 Mobile Firmwareoperating_system
QualcommSnapdragon 429 Mobile Firmwareoperating_system
QualcommSnapdragon 460 Mobile Firmwareoperating_system
QualcommSnapdragon 480 5g Mobile Firmwareoperating_system
QualcommSnapdragon 480+ 5g Mobile Firmwareoperating_system
QualcommSnapdragon 625 Mobile Firmwareoperating_system
QualcommSnapdragon 626 Mobile Firmwareoperating_system
QualcommSnapdragon 660 Mobile Firmwareoperating_system
QualcommSnapdragon 662 Mobile Firmwareoperating_system
QualcommSnapdragon 670 Mobile Firmwareoperating_system
QualcommSnapdragon 675 Mobile Firmwareoperating_system
QualcommSnapdragon 678 Mobile Firmwareoperating_system
QualcommSnapdragon 680 4g Mobile Firmwareoperating_system
QualcommSnapdragon 685 4g Mobile Firmwareoperating_system
QualcommSnapdragon 695 5g Mobile Firmwareoperating_system
QualcommSnapdragon 710 Mobile Firmwareoperating_system
QualcommSnapdragon 720g Mobile Firmwareoperating_system
QualcommSnapdragon 730 Mobile Firmwareoperating_system
QualcommSnapdragon 730g Mobile Firmwareoperating_system
QualcommSnapdragon 732g Mobile Firmwareoperating_system
QualcommSnapdragon 778g 5g Mobile Firmwareoperating_system
QualcommSnapdragon 778g+ 5g Mobile Firmwareoperating_system
QualcommSnapdragon 780g 5g Mobile Firmwareoperating_system
QualcommSnapdragon 782g Mobile Firmwareoperating_system
QualcommSnapdragon 7c+ Gen 3 Compute Firmwareoperating_system
QualcommSnapdragon 8 Gen 1 Mobile Firmwareoperating_system
QualcommSnapdragon 8 Gen 2 Mobile Firmwareoperating_system
QualcommSnapdragon 8 Gen 3 Mobile Firmwareoperating_system
QualcommSnapdragon 8+ Gen 1 Mobile Firmwareoperating_system
QualcommSnapdragon 8+ Gen 2 Mobile Firmwareoperating_system
QualcommSnapdragon 820 Automotive Firmwareoperating_system
QualcommSnapdragon 835 Mobile Pc Firmwareoperating_system
QualcommSnapdragon 845 Mobile Firmwareoperating_system
QualcommSnapdragon 855 Mobile Firmwareoperating_system
QualcommSnapdragon 855+ Mobile Firmwareoperating_system
QualcommSnapdragon 860 Mobile Firmwareoperating_system
QualcommSnapdragon 865 5g Mobile Firmwareoperating_system
QualcommSnapdragon 865+ 5g Mobile Firmwareoperating_system
QualcommSnapdragon 870 5g Mobile Firmwareoperating_system
QualcommSnapdragon 888 5g Mobile Firmwareoperating_system
QualcommSnapdragon 888+ 5g Mobile Firmwareoperating_system
QualcommSnapdragon W5+ Gen 1 Wearable Firmwareoperating_system
QualcommSnapdragon X50 5g Modem-Rf Firmwareoperating_system
QualcommSnapdragon X55 5g Modem-Rf Firmwareoperating_system
QualcommSnapdragon Xr1 Firmwareoperating_system
QualcommSnapdragon Xr2 5g Firmwareoperating_system
QualcommSnapdragon Xr2+ Gen 1 Firmwareoperating_system
QualcommSw5100 Firmwareoperating_system
QualcommSw5100p Firmwareoperating_system
QualcommSxr1120 Firmwareoperating_system
QualcommSxr2130 Firmwareoperating_system
QualcommTalynplus Firmwareoperating_system
QualcommVideo Collaboration Vc1 Firmwareoperating_system
QualcommVideo Collaboration Vc1 Platform Firmwareoperating_system
QualcommVideo Collaboration Vc3 Firmwareoperating_system
QualcommVideo Collaboration Vc3 Platform Firmwareoperating_system
QualcommVision Intelligence 100 Firmwareoperating_system
QualcommVision Intelligence 200 Firmwareoperating_system
QualcommVision Intelligence 300 Firmwareoperating_system
QualcommVision Intelligence 400 Firmwareoperating_system
QualcommWcd9326 Firmwareoperating_system
QualcommWcd9335 Firmwareoperating_system
QualcommWcd9340 Firmwareoperating_system
QualcommWcd9341 Firmwareoperating_system
QualcommWcd9370 Firmwareoperating_system
QualcommWcd9375 Firmwareoperating_system
QualcommWcd9380 Firmwareoperating_system
QualcommWcd9385 Firmwareoperating_system
QualcommWcd9390 Firmwareoperating_system
QualcommWcd9395 Firmwareoperating_system
QualcommWcn3610 Firmwareoperating_system
QualcommWcn3615 Firmwareoperating_system
QualcommWcn3620 Firmwareoperating_system
QualcommWcn3660b Firmwareoperating_system
QualcommWcn3680b Firmwareoperating_system
QualcommWcn3910 Firmwareoperating_system
QualcommWcn3950 Firmwareoperating_system
QualcommWcn3980 Firmwareoperating_system
QualcommWcn3988 Firmwareoperating_system
QualcommWcn3990 Firmwareoperating_system
QualcommWcn6740 Firmwareoperating_system
QualcommWsa8810 Firmwareoperating_system
QualcommWsa8815 Firmwareoperating_system
QualcommWsa8830 Firmwareoperating_system
QualcommWsa8832 Firmwareoperating_system
QualcommWsa8835 Firmwareoperating_system
QualcommWsa8840 Firmwareoperating_system
QualcommWsa8845 Firmwareoperating_system
QualcommWsa8845h Firmwareoperating_system

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

3 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

3 SOURCESView more in app
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Start free trial
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity2

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES
MITRE CVE
cve.org · CVE-2025-21427
NVD
nvd.nist.gov/vuln/detail/CVE-2025-21427
MITRE CWE · CWE-126
Buffer Over-read
Vendor Advisory
docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html