FKIE_CVE-2025-47408
Vulnerability from fkie_nvd - Published: 2026-05-04 17:16 - Updated: 2026-05-06 18:03
Severity ?
Summary
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE1CBDE-3D28-463C-B215-AA7DF373EF09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:iqx5121_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "499A2520-436C-4B12-849D-98B94088CCDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:iqx5121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C34A825-C928-4F8F-B076-19F8787A3440",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:iqx7181_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F58C10B5-2BB1-4A8F-AF4B-2EC791C9FBBE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:iqx7181:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE22328-BBF8-473C-8F89-58AEF8CC9D75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC941093-1A7C-47B2-AB3B-05AE4AE2FBE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2AA834-C17C-4E0E-A510-795818041E47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72433485-B229-46A6-BCA4-394AA4EEA683",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04D40EC4-BF31-4BFD-8D0A-8193F541AF02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FACA2BF1-85D3-447F-A08D-B90330A22550",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2ABA18D-82C1-4366-B1D7-DED42DD3D5C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_compute_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B80BE46-13C8-4AA5-8C39-865603713F8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_compute:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5489E441-7C58-4B0F-B878-9060ABE05D9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:snapdragon_7c_gen_2_compute_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2931C0E3-D4E7-4A75-B80E-0E248E2E5001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:snapdragon_7c_gen_2_compute:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C7F2111-F4F3-4C22-B9F8-65EAF8FF7452",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "665811D8-F648-4F32-A375-FAF9C9E928B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A537932-6EAD-411B-83FF-48CF050F603A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD779739-5919-43A9-B949-D1FB4A46FA11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA3083D-C664-45C7-98CD-E90223F887A8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1A5841-5BCB-4033-ACB9-23F3FCA65309",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A071672-9405-4418-9141-35CEADBB65AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91E591F2-8F72-4A5A-9264-2742EB2DABDA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption when another driver calls an IOCTL with invalid input/output buffer."
}
],
"id": "CVE-2025-47408",
"lastModified": "2026-05-06T18:03:00.557",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "product-security@qualcomm.com",
"type": "Primary"
}
]
},
"published": "2026-05-04T17:16:21.257",
"references": [
{
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html"
}
],
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-822"
}
],
"source": "product-security@qualcomm.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…