7.3

CVSS3.1

CVE-2025-27071 - Buffer Copy Without Checking Size of Input in Powerline Communication Firmware

Memory corruption while processing specific files in Powerline Communication Firmware.

📅 Published: Aug. 6, 2025, 7:26 a.m. 🔄 Last Modified: Aug. 19, 2025, 1:12 p.m.

7.8

CVSS3.1

CVE-2025-27069 - Untrusted Pointer Dereference in DSP Service

Memory corruption while processing DDI command calls.

📅 Published: Aug. 6, 2025, 7:26 a.m. 🔄 Last Modified: Aug. 18, 2025, 6:27 p.m.

7.8

CVSS3.1

CVE-2025-27068 - Buffer Over-read in Camera

Memory corruption while processing an IOCTL command with an arbitrary address.

📅 Published: Aug. 6, 2025, 7:26 a.m. 🔄 Last Modified: Aug. 18, 2025, 6:27 p.m.

7.8

CVSS3.1

CVE-2025-27067 - Improper Validation of Array Index in DSP Service

Memory corruption while processing DDI call with invalid buffer.

📅 Published: Aug. 6, 2025, 7:26 a.m. 🔄 Last Modified: Aug. 18, 2025, 6:27 p.m.

7.5

CVSS3.1

CVE-2025-27066 - Reachable Assertion in WLAN Firmware

Transient DOS while processing an ANQP message.

📅 Published: Aug. 6, 2025, 7:26 a.m. 🔄 Last Modified: Nov. 28, 2025, 3:53 p.m.

7.5

CVSS3.1

CVE-2025-27065 - Buffer Over-read in WLAN Firmware

Transient DOS while processing a frame with malformed shared-key descriptor.

📅 Published: Aug. 6, 2025, 7:26 a.m. 🔄 Last Modified: Aug. 20, 2025, 7:46 p.m.

7.8

CVSS3.1

CVE-2025-27062 - Improper Access Control in Automotive Multimedia

Memory corruption while handling client exceptions, allowing unauthorized channel access.

📅 Published: Aug. 6, 2025, 7:26 a.m. 🔄 Last Modified: Nov. 28, 2025, 3:53 p.m.

7.5

CVSS3.1

CVE-2025-21477 - Improper Input Validation in Modem

Transient DOS while processing CCCH data when NW sends data with invalid length.

📅 Published: Aug. 6, 2025, 7:25 a.m. 🔄 Last Modified: Aug. 20, 2025, 7:42 p.m.

7.8

CVSS3.1

CVE-2025-21474 - Use After Free in BTHOST

Memory corruption while processing commands from A2dp sink command queue.

📅 Published: Aug. 6, 2025, 7:25 a.m. 🔄 Last Modified: Aug. 19, 2025, 1:19 p.m.

7.8

CVSS3.1

CVE-2025-21473 - Time-of-check Time-of-use (TOCTOU) Race Condition in Camera_Linux

Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.

📅 Published: Aug. 6, 2025, 7:25 a.m. 🔄 Last Modified: Feb. 26, 2026, 5:49 p.m.

CVE Authored by @arslan

7.3

CVE-2025-27071 - Buffer Copy Without Checking Size of Input in Powerline Communication Firmware

7.8

CVE-2025-27069 - Untrusted Pointer Dereference in DSP Service

7.8

CVE-2025-27068 - Buffer Over-read in Camera

7.8

CVE-2025-27067 - Improper Validation of Array Index in DSP Service

7.5

CVE-2025-27066 - Reachable Assertion in WLAN Firmware

7.5

CVE-2025-27065 - Buffer Over-read in WLAN Firmware

7.8

CVE-2025-27062 - Improper Access Control in Automotive Multimedia

7.5

CVE-2025-21477 - Improper Input Validation in Modem

7.8

CVE-2025-21474 - Use After Free in BTHOST

7.8

CVE-2025-21473 - Time-of-check Time-of-use (TOCTOU) Race Condition in Camera_Linux