CVE-2025-47359

Summary

Memory Corruption when multiple threads simultaneously access a memory free API.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonAQT1000affected
Qualcomm, Inc.SnapdragonFastConnect 6200affected
Qualcomm, Inc.SnapdragonFastConnect 6800affected
Qualcomm, Inc.SnapdragonFastConnect 6900affected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonQCA6391affected
Qualcomm, Inc.SnapdragonQCA6420affected
Qualcomm, Inc.SnapdragonQCA6430affected
Qualcomm, Inc.SnapdragonQCC2072affected
Qualcomm, Inc.SnapdragonSC8380XPaffected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180X-AA, AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro"affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)affected
Qualcomm, Inc.SnapdragonSnapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)affected
Qualcomm, Inc.SnapdragonWCD9340affected
Qualcomm, Inc.SnapdragonWCD9341affected
Qualcomm, Inc.SnapdragonWCD9378Caffected
Qualcomm, Inc.SnapdragonWCD9380affected
Qualcomm, Inc.SnapdragonWCD9385affected
Qualcomm, Inc.SnapdragonWSA8810affected
Qualcomm, Inc.SnapdragonWSA8815affected
Qualcomm, Inc.SnapdragonWSA8830affected
Qualcomm, Inc.SnapdragonWSA8835affected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected
Qualcomm, Inc.SnapdragonX2000077affected
Qualcomm, Inc.SnapdragonX2000086affected
Qualcomm, Inc.SnapdragonX2000090affected
Qualcomm, Inc.SnapdragonX2000092affected
Qualcomm, Inc.SnapdragonX2000094affected
Qualcomm, Inc.SnapdragonXG101002affected
Qualcomm, Inc.SnapdragonXG101032affected
Qualcomm, Inc.SnapdragonXG101039affected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References