CVE-2025-21424: Use After Free in NPU
High (7.8)
Sign up for FREE to recieve instant alerts about this vulnerability!
Description
Memory corruption while calling the NPU driver APIs concurrently.
Classification
CVE ID: CVE-2025-21424
CVSS Base Severity: HIGH
CVSS Base Score: 7.8
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem Types
CWE-416 Use After FreeAffected Products
Vendor: Qualcomm, Inc.
Product: Snapdragon
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 0.1198 (how common is this exploit)
EPSS Date: 2025-03-14 (when was this score calculated)