Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-34MX-45MG-P6WM
Vulnerability from github – Published: 2026-04-06 18:33 – Updated: 2026-04-06 18:33
VLAI
Details
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2025-47389"
],
"database_specific": {
"cwe_ids": [
"CWE-120"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-06T16:16:27Z",
"severity": "HIGH"
},
"details": "Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.",
"id": "GHSA-34mx-45mg-p6wm",
"modified": "2026-04-06T18:33:05Z",
"published": "2026-04-06T18:33:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47389"
},
{
"type": "WEB",
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2025-47389 (GCVE-0-2025-47389)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Buffer Copy Without Checking Size of Input in Automotive Platform
Summary
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Severity
7.8 (High)
CWE
- CWE-120 - Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AR8035
Affected: Cologne Affected: CSRA6620 Affected: CSRA6640 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: FWA Gen 3 Ultra Platform Affected: G2 Gen 1 Affected: IQ6 Series Platform Affected: IQ8 Series Platform Affected: IQ9 Series Platform Affected: LeMans_AU_LGIT Affected: LeMansAU Affected: Milos Affected: Monaco_IOT Affected: Netrani Affected: Orne Affected: Palawan25 Affected: Pandeiro Affected: QAM8255P Affected: QAM8295P Affected: QAM8397P Affected: QAM8620P Affected: QAMSRV1H Affected: QAMSRV1M Affected: QCA6174A Affected: QCA6391 Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6678AQ Affected: QCA6688AQ Affected: QCA6696 Affected: QCA6698AQ Affected: QCA6797AQ Affected: QCA8081 Affected: QCA8337 Affected: QCA8695AU Affected: QCC710 Affected: QCM2290 Affected: QCM5430 Affected: QCM6125 Affected: QCM6490 Affected: QCN6224 Affected: QCN6274 Affected: QCS2290 Affected: QEP8111 Affected: QFW7114 Affected: QFW7124 Affected: QLN1083BD Affected: QLN1086BD Affected: QMP1000 Affected: QPA1083BD Affected: QPA1086BD Affected: Qualcomm Video Collaboration VC1 Platform Affected: Qualcomm Video Collaboration VC3 Platform Affected: QXM1083 Affected: QXM1086 Affected: QXM1093 Affected: QXM1094 Affected: QXM1095 Affected: QXM1096 Affected: Robotics RB2 Platform Affected: SA6145P Affected: SA6150P Affected: SA6155P Affected: SA7255P Affected: SA7775P Affected: SA8145P Affected: SA8150P Affected: SA8155P Affected: SA8195P Affected: SA8255P Affected: SA8295P Affected: SA8540P Affected: SA8620P Affected: SA8770P Affected: SA9000P Affected: SAR1165P Affected: SC8380XP Affected: SD865 5G Affected: SM6650P Affected: SM7325P Affected: SM7435 Affected: SM7635P Affected: SM7675 Affected: SM7675P Affected: SM8635 Affected: SM8635P Affected: SM8650Q Affected: SM8750P Affected: Snapdragon 4 Gen 1 Mobile Platform Affected: Snapdragon 4 Gen 2 Mobile Platform Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 480 5G Mobile Platform Affected: Snapdragon 480+ 5G Mobile Platform Affected: Snapdragon 6 Gen 1 Mobile Platform Affected: Snapdragon 6 Gen 3 Mobile Platform Affected: Snapdragon 6 Gen 4 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 690 5G Mobile Platform Affected: Snapdragon 695 5G Mobile Platform Affected: Snapdragon 778G 5G Mobile Platform Affected: Snapdragon 778G+ 5G Mobile Platform Affected: Snapdragon 782G Mobile Platform Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 7s Gen 3 Mobile Platform Affected: Snapdragon 8 Elite Affected: Snapdragon 8 Elite Gen 5 Affected: Snapdragon 8 Gen 3 Mobile Platform Affected: Snapdragon 865 5G Mobile Platform Affected: Snapdragon 865+ 5G Mobile Platform Affected: Snapdragon 870 5G Mobile Platform Affected: Snapdragon 888 5G Mobile Platform Affected: Snapdragon 888+ 5G Mobile Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: Snapdragon AR1+ Gen 1 Platform Affected: Snapdragon Auto 5G Modem-RF Gen 2 Affected: Snapdragon X32 5G Modem-RF System Affected: Snapdragon X35 5G Modem-RF System Affected: Snapdragon X53 5G Modem-RF System Affected: Snapdragon X55 5G Modem-RF System Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: Snapdragon XR2 5G Platform Affected: Snapdragon XR2+ Gen 1 Platform Affected: SRV1H Affected: SRV1L Affected: SRV1M Affected: SW6100 Affected: SW6100P Affected: SXR2330P Affected: SXR2350P Affected: Themisto Affected: WCD9335 Affected: WCD9340 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN6450 Affected: WCN6650 Affected: WCN6755 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 Affected: XRV7209 Affected: XRV9209 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:45.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon Compute",
"Snapdragon Consumer IOT",
"Snapdragon Edge Cloud AI",
"Snapdragon Industrial IOT",
"Snapdragon Mobile",
"Snapdragon WBC",
"Snapdragon Wearables"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "CSRA6620"
},
{
"status": "affected",
"version": "CSRA6640"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "FWA Gen 3 Ultra Platform"
},
{
"status": "affected",
"version": "G2 Gen 1"
},
{
"status": "affected",
"version": "IQ6 Series Platform"
},
{
"status": "affected",
"version": "IQ8 Series Platform"
},
{
"status": "affected",
"version": "IQ9 Series Platform"
},
{
"status": "affected",
"version": "LeMans_AU_LGIT"
},
{
"status": "affected",
"version": "LeMansAU"
},
{
"status": "affected",
"version": "Milos"
},
{
"status": "affected",
"version": "Monaco_IOT"
},
{
"status": "affected",
"version": "Netrani"
},
{
"status": "affected",
"version": "Orne"
},
{
"status": "affected",
"version": "Palawan25"
},
{
"status": "affected",
"version": "Pandeiro"
},
{
"status": "affected",
"version": "QAM8255P"
},
{
"status": "affected",
"version": "QAM8295P"
},
{
"status": "affected",
"version": "QAM8397P"
},
{
"status": "affected",
"version": "QAM8620P"
},
{
"status": "affected",
"version": "QAMSRV1H"
},
{
"status": "affected",
"version": "QAMSRV1M"
},
{
"status": "affected",
"version": "QCA6174A"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6584AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6678AQ"
},
{
"status": "affected",
"version": "QCA6688AQ"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCA6698AQ"
},
{
"status": "affected",
"version": "QCA6797AQ"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA8695AU"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QEP8111"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QLN1083BD"
},
{
"status": "affected",
"version": "QLN1086BD"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QPA1083BD"
},
{
"status": "affected",
"version": "QPA1086BD"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC1 Platform"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "QXM1083"
},
{
"status": "affected",
"version": "QXM1086"
},
{
"status": "affected",
"version": "QXM1093"
},
{
"status": "affected",
"version": "QXM1094"
},
{
"status": "affected",
"version": "QXM1095"
},
{
"status": "affected",
"version": "QXM1096"
},
{
"status": "affected",
"version": "Robotics RB2 Platform"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA7255P"
},
{
"status": "affected",
"version": "SA7775P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SA8255P"
},
{
"status": "affected",
"version": "SA8295P"
},
{
"status": "affected",
"version": "SA8540P"
},
{
"status": "affected",
"version": "SA8620P"
},
{
"status": "affected",
"version": "SA8770P"
},
{
"status": "affected",
"version": "SA9000P"
},
{
"status": "affected",
"version": "SAR1165P"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SM6650P"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "SM7435"
},
{
"status": "affected",
"version": "SM7635P"
},
{
"status": "affected",
"version": "SM7675"
},
{
"status": "affected",
"version": "SM7675P"
},
{
"status": "affected",
"version": "SM8635"
},
{
"status": "affected",
"version": "SM8635P"
},
{
"status": "affected",
"version": "SM8650Q"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 4 Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 480+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 4 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 690 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 695 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 778G 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 778G+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 782G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 7s Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite Gen 5"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 865+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 870 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 888 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 888+ 5G Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1+ Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon Auto 5G Modem-RF Gen 2"
},
{
"status": "affected",
"version": "Snapdragon X32 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X35 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X53 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X55 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X72 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon XR2 5G Platform"
},
{
"status": "affected",
"version": "Snapdragon XR2+ Gen 1 Platform"
},
{
"status": "affected",
"version": "SRV1H"
},
{
"status": "affected",
"version": "SRV1L"
},
{
"status": "affected",
"version": "SRV1M"
},
{
"status": "affected",
"version": "SW6100"
},
{
"status": "affected",
"version": "SW6100P"
},
{
"status": "affected",
"version": "SXR2330P"
},
{
"status": "affected",
"version": "SXR2350P"
},
{
"status": "affected",
"version": "Themisto"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9390"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3980"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN6450"
},
{
"status": "affected",
"version": "WCN6650"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
},
{
"status": "affected",
"version": "XRV7209"
},
{
"status": "affected",
"version": "XRV9209"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy Without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:40.431Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Copy Without Checking Size of Input in Automotive Platform"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2025-47389",
"datePublished": "2026-04-06T15:33:40.431Z",
"dateReserved": "2025-05-06T08:33:16.274Z",
"dateUpdated": "2026-04-07T03:55:45.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…