{"id":18896,"date":"2025-09-24T11:42:02","date_gmt":"2025-09-24T11:42:02","guid":{"rendered":"http:\/\/localhost\/?p=18896"},"modified":"2025-09-24T11:42:02","modified_gmt":"2025-09-24T11:42:02","slug":"buffer-over-read-in-audio","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=18896","title":{"rendered":"Buffer Over-read in Audio_CVE-2025-27030"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;information disclosure while invoking calibration data from user space to update firmware size.&#8221;,&#8221;published&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;modified&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;Buffer Over-read in Audio&#8221;,&#8221;source&#8221;:&#8221;qualcomm&#8221;,&#8221;references&#8221;:&#8221;https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/september-2025-bulletin.html&#8221;,&#8221;id&#8221;:&#8221;CVE-2025-27030&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-126&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Qualcomm, Inc. Snapdragon C-V2X 9150\\nQualcomm, Inc. Snapdragon QAM8295P\\nQualcomm, Inc. Snapdragon QCA6574AU\\nQualcomm, Inc. Snapdragon QCA6584AU\\nQualcomm, Inc. Snapdragon QCA6696\\nQualcomm, Inc. Snapdragon QCA6698AQ\\nQualcomm, Inc. Snapdragon QCA9367\\nQualcomm, Inc. Snapdragon QCA9377\\nQualcomm, Inc. Snapdragon QCN9074\\nQualcomm, Inc. Snapdragon QCS410\\nQualcomm, Inc. Snapdragon QCS610\\nQualcomm, Inc. Snapdragon QSM8250\\nQualcomm, Inc. Snapdragon Qualcomm Video Collaboration VC1 Platform\\nQualcomm, Inc. Snapdragon Qualcomm Video Collaboration VC3 Platform\\nQualcomm, Inc. Snapdragon SA6145P\\nQualcomm, Inc. Snapdragon SA6150P\\nQualcomm, Inc. Snapdragon SA6155P\\nQualcomm, Inc. Snapdragon SA8145P\\nQualcomm, Inc. Snapdragon SA8150P\\nQualcomm, Inc. Snapdragon SA8155P\\nQualcomm, Inc. Snapdragon SA8195P\\nQualcomm, Inc. Snapdragon SA8295P\\nQualcomm, Inc. Snapdragon SA8530P\\nQualcomm, Inc. Snapdragon SA8540P\\nQualcomm, Inc. Snapdragon SA9000P\\nQualcomm, Inc. Snapdragon SDX55\\nQualcomm, Inc. Snapdragon Snapdragon Auto 5G Modem-RF\\nQualcomm, Inc. Snapdragon Snapdragon Auto 5G Modem-RF Gen 2\\nQualcomm, Inc. Snapdragon SW5100\\nQualcomm, Inc. Snapdragon SW5100P\\nQualcomm, Inc. Snapdragon WCD9341\\nQualcomm, Inc. Snapdragon WCD9370\\nQualcomm, Inc. Snapdragon WCN3660B\\nQualcomm, Inc. Snapdragon WCN3680B\\nQualcomm, Inc. Snapdragon WCN3950\\nQualcomm, Inc. Snapdragon WCN3980\\nQualcomm, Inc. Snapdragon WCN3988\\nQualcomm, Inc. Snapdragon WSA8810\\nQualcomm, Inc. Snapdragon WSA8815\\nQualcomm, Inc. Snapdragon WSA8830\\nQualcomm, Inc. Snapdragon WSA8835&#8243;,&#8221;sourceHref&#8221;:&#8221;&#8221;,&#8221;cvss&#8221;:{&#8220;score&#8221;:6.1,&#8221;severity&#8221;:&#8221;MEDIUM&#8221;,&#8221;vector&#8221;:&#8221;CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:L&#8221;,&#8221;version&#8221;:&#8221;3.1&#8243;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;&#8221;,&#8221;category_name&#8221;:&#8221;CVE&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;Snapdragon&#8221;,&#8221;version&#8221;:&#8221;C-V2X 9150&#8243;,&#8221;vendor&#8221;:&#8221;Qualcomm, Inc.&#8221;,&#8221;ai_description&#8221;:&#8221;&#8221;,&#8221;ai_severity&#8221;:&#8221;&#8221;,&#8221;ai_vendor&#8221;:&#8221;&#8221;,&#8221;ai_product&#8221;:&#8221;&#8221;,&#8221;ai_version&#8221;:&#8221;&#8221;,&#8221;ai_score&#8221;:0}<\/p>\n","protected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;information disclosure while invoking calibration data from user space to update firmware size.&#8221;,&#8221;published&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;modified&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;Buffer Over-read in Audio&#8221;,&#8221;source&#8221;:&#8221;qualcomm&#8221;,&#8221;references&#8221;:&#8221;https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/september-2025-bulletin.html&#8221;,&#8221;id&#8221;:&#8221;CVE-2025-27030&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-126&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Qualcomm, Inc. Snapdragon C-V2X 9150\\nQualcomm, Inc. Snapdragon QAM8295P\\nQualcomm, Inc. Snapdragon&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,31,12,21,13,7,11,5],"class_list":["post-18896","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-61","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Buffer Over-read in Audio_CVE-2025-27030 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=18896\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Buffer Over-read in Audio_CVE-2025-27030 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;information disclosure while invoking calibration data from user space to update firmware size.&#8221;,&#8221;published&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;modified&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;Buffer Over-read in Audio&#8221;,&#8221;source&#8221;:&#8221;qualcomm&#8221;,&#8221;references&#8221;:&#8221;https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/september-2025-bulletin.html&#8221;,&#8221;id&#8221;:&#8221;CVE-2025-27030&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-126&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Qualcomm, Inc. Snapdragon C-V2X 9150nQualcomm, Inc. Snapdragon QAM8295PnQualcomm, Inc. Snapdragon...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=18896\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-24T11:42:02+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=18896#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=18896\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Buffer Over-read in Audio_CVE-2025-27030\",\"datePublished\":\"2025-09-24T11:42:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=18896\"},\"wordCount\":335,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-6.1\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=18896#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=18896\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=18896\",\"name\":\"Buffer Over-read in Audio_CVE-2025-27030 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-09-24T11:42:02+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=18896#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=18896\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=18896#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Buffer Over-read in Audio_CVE-2025-27030\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Buffer Over-read in Audio_CVE-2025-27030 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=18896","og_locale":"en_US","og_type":"article","og_title":"Buffer Over-read in Audio_CVE-2025-27030 - zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;information disclosure while invoking calibration data from user space to update firmware size.&#8221;,&#8221;published&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;modified&#8221;:&#8221;2025-09-24T15:33:37.296Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;Buffer Over-read in Audio&#8221;,&#8221;source&#8221;:&#8221;qualcomm&#8221;,&#8221;references&#8221;:&#8221;https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/september-2025-bulletin.html&#8221;,&#8221;id&#8221;:&#8221;CVE-2025-27030&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-126&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Qualcomm, Inc. Snapdragon C-V2X 9150nQualcomm, Inc. Snapdragon QAM8295PnQualcomm, Inc. Snapdragon...","og_url":"https:\/\/zero.redgem.net\/?p=18896","og_site_name":"zero redgem","article_published_time":"2025-09-24T11:42:02+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=18896#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=18896"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Buffer Over-read in Audio_CVE-2025-27030","datePublished":"2025-09-24T11:42:02+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=18896"},"wordCount":335,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-6.1","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=18896#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=18896","url":"https:\/\/zero.redgem.net\/?p=18896","name":"Buffer Over-read in Audio_CVE-2025-27030 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-09-24T11:42:02+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=18896#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=18896"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=18896#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Buffer Over-read in Audio_CVE-2025-27030"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/18896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=18896"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/18896\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=18896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=18896"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=18896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}