CVE-2025-27056

7.8 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm sub-system restart processes that can lead to memory corruption. Attackers could potentially exploit this to execute arbitrary code or cause denial of service. The vulnerability affects devices using Qualcomm chipsets with the vulnerable sub-system.

💻 Affected Systems

Products:
  • Qualcomm chipsets with vulnerable sub-system
Versions: Specific versions not publicly detailed in initial advisory
Operating Systems: Android, Linux-based systems using Qualcomm chips
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with Qualcomm chipsets where the vulnerable sub-system is enabled

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution with kernel privileges leading to complete system compromise

🟠 Likely Case: System crash or denial of service requiring device restart

🟢 If Mitigated: Limited impact with proper memory protections and exploit mitigations

🌐 Internet-Facing: MEDIUM - Requires specific conditions but could be exploited via network services
🏢 Internal Only: HIGH - Local attackers could trigger the vulnerability more reliably

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering sub-system restart under specific conditions

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm July 2025 security bulletin

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for specific patch details
2. Apply firmware updates from device manufacturer
3. Reboot device after update

🔧 Temporary Workarounds

Disable vulnerable sub-system (Linux)

If possible, disable the affected sub-system to prevent exploitation

# System-specific commands would depend on device configuration

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized system access
  • Monitor system logs for unexpected sub-system restarts or crashes

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against Qualcomm security bulletin

Check Version:

# cat /proc/version or device-specific firmware check

Verify Fix Applied:

Verify firmware version has been updated to patched version

📡 Detection & Monitoring

Log Indicators:

  • Unexpected sub-system restarts
  • Memory corruption errors in kernel logs
  • System crashes related to resource cleanup

Network Indicators:

  • Unusual network traffic triggering system processes

SIEM Query:

search 'kernel panic' OR 'use-after-free' OR 'sub-system restart' in system logs
