Vulnerability-Lookup

BDU:2025-15926

Vulnerability from fstec - Published: 07.02.2025

Title

Уязвимость микропрограммного обеспечения встраиваемых плат Qualcomm, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость микропрограммного обеспечения встраиваемых плат Qualcomm связана с использованием памяти после её освобождения. Эксплуатация уязвимости может позволить нарушителю выполнить произвольный код

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

Qualcomm Technologies Inc.

Software Name

WCD9380, WSA8830, WSA8835, AR8031, AR8035, CSRA6620, CSRA6640, WCD9371, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon 460 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Qualcomm® Video Collaboration VC1 Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon X75 5G Modem-RF System, SA8770P, QCA2066, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6678AQ, Qualcomm® Video Collaboration VC5 Platform, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X35 5G Modem-RF System, SA8775P, SA7775P, SA8620P, SA8650P, Snapdragon X72 5G Modem-RF System, SRV1H, SRV1M, QCA6688AQ, FastConnect 6900, FastConnect 7800, WCD9370, WCD9390, WCD9395, WCN3950, WSA8810, WSA8815, WSA8832, WSA8840, WSA8845, WSA8845H, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC710, QCM8550, QCN6224, QCN6274, QCN9012, QCS8550, QFW7114, QFW7124, SA6155P, SA7255P, SA8155P, SA8195P, SA8255P, SA8295P, SA9000P, SM8550P, WCD9340, WCD9375, WCD9378, WCD9385, WCN3980, WCN3988, WCN6650, WCN6755, Snapdragon X32 5G Modem-RF System, Flight RB5 5G Platform, QCA6174A, QCA6391, QCM2290, QCM6125, QCN9011, QCS2290, QCS6125, QCS7230, QCS8250, QDU1010, QDX1010, QDX1011, QEP8111, QRB5165N, Robotics RB5 Platform, SG4150P, SG8275P, Smart Audio 400 Platform, SW5100, SW5100P, WCD9335, WCN3910, SG8275, SM7550, SM7550P

Software Version

- (WCD9380), - (WSA8830), - (WSA8835), - (AR8031), - (AR8035), - (CSRA6620), - (CSRA6640), - (WCD9371), - (Snapdragon W5+ Gen 1 Wearable Platform), - (Snapdragon 460 Mobile Platform), - (Snapdragon 662 Mobile Platform), - (Snapdragon 680 4G Mobile Platform), - (Snapdragon 685 4G Mobile Platform (SM6225-AD)), - (Qualcomm® Video Collaboration VC1 Platform), - (Snapdragon 8 Gen 2 Mobile Platform), - (Snapdragon 8+ Gen 2 Mobile Platform), - (Snapdragon X75 5G Modem-RF System), - (SA8770P), - (QCA2066), - (QCA6574), - (QCA6574A), - (QCA6574AU), - (QCA6584AU), - (QCA6678AQ), - (Qualcomm® Video Collaboration VC5 Platform), - (Snapdragon Auto 5G Modem-RF Gen 2), - (Snapdragon X35 5G Modem-RF System), - (SA8775P), - (SA7775P), - (SA8620P), - (SA8650P), - (Snapdragon X72 5G Modem-RF System), - (SRV1H), - (SRV1M), - (QCA6688AQ), - (FastConnect 6900), - (FastConnect 7800), - (WCD9370), - (WCD9390), - (WCD9395), - (WCN3950), - (WSA8810), - (WSA8815), - (WSA8832), - (WSA8840), - (WSA8845), - (WSA8845H), - (QAM8255P), - (QAM8295P), - (QAM8650P), - (QAM8775P), - (QAMSRV1H), - (QAMSRV1M), - (QCA6595), - (QCA6595AU), - (QCA6696), - (QCA6698AQ), - (QCA6797AQ), - (QCA8081), - (QCA8337), - (QCC710), - (QCM8550), - (QCN6224), - (QCN6274), - (QCN9012), - (QCS8550), - (QFW7114), - (QFW7124), - (SA6155P), - (SA7255P), - (SA8155P), - (SA8195P), - (SA8255P), - (SA8295P), - (SA9000P), - (SM8550P), - (WCD9340), - (WCD9375), - (WCD9378), - (WCD9385), - (WCN3980), - (WCN3988), - (WCN6650), - (WCN6755), - (Snapdragon X32 5G Modem-RF System), - (Flight RB5 5G Platform), - (QCA6174A), - (QCA6391), - (QCM2290), - (QCM6125), - (QCN9011), - (QCS2290), - (QCS6125), - (QCS7230), - (QCS8250), - (QDU1010), - (QDX1010), - (QDX1011), - (QEP8111), - (QRB5165N), - (Robotics RB5 Platform), - (SG4150P), - (SG8275P), - (Smart Audio 400 Platform), - (SW5100), - (SW5100P), - (WCD9335), - (WCN3910), - (SG8275), - (SM7550), - (SM7550P)

Possible Mitigations

Использование рекомендаций производителя: https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

Reference

https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html

CWE

CWE-416

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Qualcomm Technologies Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (WCD9380), - (WSA8830), - (WSA8835), - (AR8031), - (AR8035), - (CSRA6620), - (CSRA6640), - (WCD9371), - (Snapdragon W5+ Gen 1 Wearable Platform), - (Snapdragon 460 Mobile Platform), - (Snapdragon 662 Mobile Platform), - (Snapdragon 680 4G Mobile Platform), - (Snapdragon 685 4G Mobile Platform (SM6225-AD)), - (Qualcomm\u00ae Video Collaboration VC1 Platform), - (Snapdragon 8 Gen 2 Mobile Platform), - (Snapdragon 8+ Gen 2 Mobile Platform), - (Snapdragon X75 5G Modem-RF System), - (SA8770P), - (QCA2066), - (QCA6574), - (QCA6574A), - (QCA6574AU), - (QCA6584AU), - (QCA6678AQ), - (Qualcomm\u00ae Video Collaboration VC5 Platform), - (Snapdragon Auto 5G Modem-RF Gen 2), - (Snapdragon X35 5G Modem-RF System), - (SA8775P), - (SA7775P), - (SA8620P), - (SA8650P), - (Snapdragon X72 5G Modem-RF System), - (SRV1H), - (SRV1M), - (QCA6688AQ), - (FastConnect 6900), - (FastConnect 7800), - (WCD9370), - (WCD9390), - (WCD9395), - (WCN3950), - (WSA8810), - (WSA8815), - (WSA8832), - (WSA8840), - (WSA8845), - (WSA8845H), - (QAM8255P), - (QAM8295P), - (QAM8650P), - (QAM8775P), - (QAMSRV1H), - (QAMSRV1M), - (QCA6595), - (QCA6595AU), - (QCA6696), - (QCA6698AQ), - (QCA6797AQ), - (QCA8081), - (QCA8337), - (QCC710), - (QCM8550), - (QCN6224), - (QCN6274), - (QCN9012), - (QCS8550), - (QFW7114), - (QFW7124), - (SA6155P), - (SA7255P), - (SA8155P), - (SA8195P), - (SA8255P), - (SA8295P), - (SA9000P), - (SM8550P), - (WCD9340), - (WCD9375), - (WCD9378), - (WCD9385), - (WCN3980), - (WCN3988), - (WCN6650), - (WCN6755), - (Snapdragon X32 5G Modem-RF System), - (Flight RB5 5G Platform), - (QCA6174A), - (QCA6391), - (QCM2290), - (QCM6125), - (QCN9011), - (QCS2290), - (QCS6125), - (QCS7230), - (QCS8250), - (QDU1010), - (QDX1010), - (QDX1011), - (QEP8111), - (QRB5165N), - (Robotics RB5 Platform), - (SG4150P), - (SG8275P), - (Smart Audio 400 Platform), - (SW5100), - (SW5100P), - (WCD9335), - (WCN3910), - (SG8275), - (SM7550), - (SM7550P)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "07.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.12.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.12.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-15926",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-47322",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "WCD9380, WSA8830, WSA8835, AR8031, AR8035, CSRA6620, CSRA6640, WCD9371, Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon 460 Mobile Platform, Snapdragon 662 Mobile Platform, Snapdragon 680 4G Mobile Platform, Snapdragon 685 4G Mobile Platform (SM6225-AD), Qualcomm\u00ae Video Collaboration VC1 Platform, Snapdragon 8 Gen 2 Mobile Platform, Snapdragon 8+ Gen 2 Mobile Platform, Snapdragon X75 5G Modem-RF System, SA8770P, QCA2066, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6678AQ, Qualcomm\u00ae Video Collaboration VC5 Platform, Snapdragon Auto 5G Modem-RF Gen 2, Snapdragon X35 5G Modem-RF System, SA8775P, SA7775P, SA8620P, SA8650P, Snapdragon X72 5G Modem-RF System, SRV1H, SRV1M, QCA6688AQ, FastConnect 6900, FastConnect 7800, WCD9370, WCD9390, WCD9395, WCN3950, WSA8810, WSA8815, WSA8832, WSA8840, WSA8845, WSA8845H, QAM8255P, QAM8295P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, QCA6595, QCA6595AU, QCA6696, QCA6698AQ, QCA6797AQ, QCA8081, QCA8337, QCC710, QCM8550, QCN6224, QCN6274, QCN9012, QCS8550, QFW7114, QFW7124, SA6155P, SA7255P, SA8155P, SA8195P, SA8255P, SA8295P, SA9000P, SM8550P, WCD9340, WCD9375, WCD9378, WCD9385, WCN3980, WCN3988, WCN6650, WCN6755, Snapdragon X32 5G Modem-RF System, Flight RB5 5G Platform, QCA6174A, QCA6391, QCM2290, QCM6125, QCN9011, QCS2290, QCS6125, QCS7230, QCS8250, QDU1010, QDX1010, QDX1011, QEP8111, QRB5165N, Robotics RB5 Platform, SG4150P, SG8275P, Smart Audio 400 Platform, SW5100, SW5100P, WCD9335, WCN3910, SG8275, SM7550, SM7550P",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043b\u0430\u0442 Qualcomm, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0435\u0451 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CWE-416)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043b\u0430\u0442 Qualcomm \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0435\u0451 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439",
  "\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-416",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

CVE-2025-47322 (GCVE-0-2025-47322)

Vulnerability from cvelistv5 – Published: 2025-12-18 05:29 – Updated: 2025-12-18 15:00

Title

Use After Free in Automotive Linux OS

Summary

Memory corruption while handling IOCTL calls to set mode.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Assigner

qualcomm

References

URL

Tags

https://docs.qualcomm.com/product/publicresources…

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon	Affected: AR8031 Affected: AR8035 Affected: CSRA6620 Affected: CSRA6640 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: Flight RB5 5G Platform Affected: QAM8255P Affected: QAM8295P Affected: QAM8650P Affected: QAM8775P Affected: QAMSRV1H Affected: QAMSRV1M Affected: QCA2066 Affected: QCA6174A Affected: QCA6391 Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6688AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6797AQ Affected: QCA8081 Affected: QCA8337 Affected: QCC710 Affected: QCM2290 Affected: QCM6125 Affected: QCM8550 Affected: QCN6224 Affected: QCN6274 Affected: QCN9011 Affected: QCN9012 Affected: QCS2290 Affected: QCS6125 Affected: QCS7230 Affected: QCS8250 Affected: QCS8550 Affected: QDU1010 Affected: QDX1010 Affected: QDX1011 Affected: QEP8111 Affected: QFW7114 Affected: QFW7124 Affected: QRB5165N Affected: Qualcommr Video Collaboration VC1 Platform Affected: Qualcommr Video Collaboration VC5 Platform Affected: Robotics RB5 Platform Affected: SA6155P Affected: SA7255P Affected: SA7775P Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8295P Affected: SA8620P Affected: SA8650P Affected: SA8770P Affected: SA8775P Affected: SA9000P Affected: SG4150P Affected: SG8275 Affected: SG8275P Affected: SM7550 Affected: SM7550P Affected: SM8550P Affected: Smart Audio 400 Platform Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 680 4G Mobile Platform Affected: Snapdragon 685 4G Mobile Platform (SM6225-AD) Affected: Snapdragon 8 Gen 2 Mobile Platform Affected: Snapdragon 8+ Gen 2 Mobile Platform Affected: Snapdragon Auto 5G Modem-RF Gen 2 Affected: Snapdragon W5+ Gen 1 Wearable Platform Affected: Snapdragon X32 5G Modem-RF System Affected: Snapdragon X35 5G Modem-RF System Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: SRV1H Affected: SRV1M Affected: SW5100 Affected: SW5100P Affected: WCD9335 Affected: WCD9340 Affected: WCD9370 Affected: WCD9371 Affected: WCD9375 Affected: WCD9378 Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN6650 Affected: WCN6755 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-47322",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-18T14:46:13.544780Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-18T15:00:58.256Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon Voice \u0026 Music",
            "Snapdragon WBC",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8031"
            },
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "CSRA6620"
            },
            {
              "status": "affected",
              "version": "CSRA6640"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "Flight RB5 5G Platform"
            },
            {
              "status": "affected",
              "version": "QAM8255P"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QAM8650P"
            },
            {
              "status": "affected",
              "version": "QAM8775P"
            },
            {
              "status": "affected",
              "version": "QAMSRV1H"
            },
            {
              "status": "affected",
              "version": "QAMSRV1M"
            },
            {
              "status": "affected",
              "version": "QCA2066"
            },
            {
              "status": "affected",
              "version": "QCA6174A"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6678AQ"
            },
            {
              "status": "affected",
              "version": "QCA6688AQ"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA6797AQ"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCC710"
            },
            {
              "status": "affected",
              "version": "QCM2290"
            },
            {
              "status": "affected",
              "version": "QCM6125"
            },
            {
              "status": "affected",
              "version": "QCM8550"
            },
            {
              "status": "affected",
              "version": "QCN6224"
            },
            {
              "status": "affected",
              "version": "QCN6274"
            },
            {
              "status": "affected",
              "version": "QCN9011"
            },
            {
              "status": "affected",
              "version": "QCN9012"
            },
            {
              "status": "affected",
              "version": "QCS2290"
            },
            {
              "status": "affected",
              "version": "QCS6125"
            },
            {
              "status": "affected",
              "version": "QCS7230"
            },
            {
              "status": "affected",
              "version": "QCS8250"
            },
            {
              "status": "affected",
              "version": "QCS8550"
            },
            {
              "status": "affected",
              "version": "QDU1010"
            },
            {
              "status": "affected",
              "version": "QDX1010"
            },
            {
              "status": "affected",
              "version": "QDX1011"
            },
            {
              "status": "affected",
              "version": "QEP8111"
            },
            {
              "status": "affected",
              "version": "QFW7114"
            },
            {
              "status": "affected",
              "version": "QFW7124"
            },
            {
              "status": "affected",
              "version": "QRB5165N"
            },
            {
              "status": "affected",
              "version": "Qualcommr Video Collaboration VC1 Platform"
            },
            {
              "status": "affected",
              "version": "Qualcommr Video Collaboration VC5 Platform"
            },
            {
              "status": "affected",
              "version": "Robotics RB5 Platform"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA7255P"
            },
            {
              "status": "affected",
              "version": "SA7775P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8255P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SA8620P"
            },
            {
              "status": "affected",
              "version": "SA8650P"
            },
            {
              "status": "affected",
              "version": "SA8770P"
            },
            {
              "status": "affected",
              "version": "SA8775P"
            },
            {
              "status": "affected",
              "version": "SA9000P"
            },
            {
              "status": "affected",
              "version": "SG4150P"
            },
            {
              "status": "affected",
              "version": "SG8275"
            },
            {
              "status": "affected",
              "version": "SG8275P"
            },
            {
              "status": "affected",
              "version": "SM7550"
            },
            {
              "status": "affected",
              "version": "SM7550P"
            },
            {
              "status": "affected",
              "version": "SM8550P"
            },
            {
              "status": "affected",
              "version": "Smart Audio 400 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 460 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 662 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 680 4G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8+ Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF Gen 2"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X32 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X35 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X72 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X75 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "SRV1H"
            },
            {
              "status": "affected",
              "version": "SRV1M"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9371"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9378"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCD9390"
            },
            {
              "status": "affected",
              "version": "WCD9395"
            },
            {
              "status": "affected",
              "version": "WCN3910"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN6650"
            },
            {
              "status": "affected",
              "version": "WCN6755"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            },
            {
              "status": "affected",
              "version": "WSA8840"
            },
            {
              "status": "affected",
              "version": "WSA8845"
            },
            {
              "status": "affected",
              "version": "WSA8845H"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory corruption while handling IOCTL calls to set mode."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-18T05:29:02.931Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2025-bulletin.html"
        }
      ],
      "title": "Use After Free in Automotive Linux OS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2025-47322",
    "datePublished": "2025-12-18T05:29:02.931Z",
    "dateReserved": "2025-05-06T08:33:16.260Z",
    "dateUpdated": "2025-12-18T15:00:58.256Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2025-15926

CVE-2025-47322 (GCVE-0-2025-47322)

Tags

Sightings

Nomenclature