CVE-2025-47399

Summary

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonCologneaffected
Qualcomm, Inc.SnapdragonFastConnect 7800affected
Qualcomm, Inc.SnapdragonWCD9378Caffected
Qualcomm, Inc.SnapdragonWSA8840affected
Qualcomm, Inc.SnapdragonWSA8845affected
Qualcomm, Inc.SnapdragonWSA8845Haffected
Qualcomm, Inc.SnapdragonX2000077affected
Qualcomm, Inc.SnapdragonX2000086affected
Qualcomm, Inc.SnapdragonX2000090affected
Qualcomm, Inc.SnapdragonX2000092affected
Qualcomm, Inc.SnapdragonX2000094affected
Qualcomm, Inc.SnapdragonXG101002affected
Qualcomm, Inc.SnapdragonXG101032affected
Qualcomm, Inc.SnapdragonXG101039affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References