GHSA-p9g7-9rvq-fcj5 · Severity: medium — Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
Conclusion & alert: CVE-2025-59617 is rated Low Risk (26.7/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.09%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-07-07 | — | 0.09% | — |
Full EPSS history (1 record total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.6 | 3.1 | MEDIUM |
|
0.8 | 5.3 | [email protected] |
| 7.3 | 3.1 | HIGH |
|
1.3 | 5.9 | [email protected] |
GHSA-p9g7-9rvq-fcj5 · Severity: medium — Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| qualcomm | fastconnect_6700_firmware | — | cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fastconnect_6900_firmware | — | cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fastconnect_7800_firmware | — | cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:* |
| qualcomm | molokai_firmware | — | cpe:2.3:o:qualcomm:molokai_firmware:-:*:*:*:*:*:*:* |
| qualcomm | orne_firmware | — | cpe:2.3:o:qualcomm:orne_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pandeiro_firmware | — | cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm5430_firmware | — | cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm6490_firmware | — | cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qmp1000_firmware | — | cpe:2.3:o:qualcomm:qmp1000_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qmp2001_firmware | — | cpe:2.3:o:qualcomm:qmp2001_firmware:-:*:*:*:*:*:*:* |
| qualcomm | video_collaboration_vc3_platform_firmware | — | cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sc8380xp_firmware | — | cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd865_5g_firmware | — | cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sm6850_firmware | — | cpe:2.3:o:qualcomm:sm6850_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sm8845p_firmware | — | cpe:2.3:o:qualcomm:sm8845p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_460_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_662_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_8_elite_gen_5_firmware | — | cpe:2.3:o:qualcomm:snapdragon_8_elite_gen_5_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_ar1_gen_1_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_xr2_5g_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_xr2\+_gen_1_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_xr2\+_gen_1_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sxr2230p_firmware | — | cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sxr2250p_firmware | — | cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9370_firmware | — | cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9375_firmware | — | cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9378_firmware | — | cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9380_firmware | — | cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9385_firmware | — | cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9395_firmware | — | cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3950_firmware | — | cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3988_firmware | — | cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn6450_firmware | — | cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7760_firmware | — | cpe:2.3:o:qualcomm:wcn7760_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7860_firmware | — | cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7861_firmware | — | cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7880_firmware | — | cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7881_firmware | — | cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8810_firmware | — | cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8815_firmware | — | cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8830_firmware | — | cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8832_firmware | — | cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8835_firmware | — | cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8840_firmware | — | cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8845_firmware | — | cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8845h_firmware | — | cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8850_firmware | — | cpe:2.3:o:qualcomm:wsa8850_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8850w_firmware | — | cpe:2.3:o:qualcomm:wsa8850w_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8855c_firmware | — | cpe:2.3:o:qualcomm:wsa8855c_firmware:-:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html | Patch Vendor Advisory |