CVE-2025-47357

8.0 HIGH

📋 TL;DR

This vulnerability allows information disclosure when user-level drivers perform QFPROM read/write operations on Fuse regions in Qualcomm chipsets. It affects devices using vulnerable Qualcomm hardware and drivers, potentially exposing sensitive hardware configuration data. The impact is limited to systems with vulnerable Qualcomm components and appropriate driver access.

💻 Affected Systems

Products:
  • Qualcomm chipsets with QFPROM functionality
Versions: Specific versions not publicly detailed; refer to Qualcomm November 2025 bulletin
Operating Systems: Android, Linux-based systems using Qualcomm drivers
Default Config Vulnerable: ⚠️ Yes
Notes: Requires vulnerable Qualcomm hardware/driver combination; exact chipset models not specified in public information.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could extract cryptographic keys, device identifiers, or secure boot secrets stored in QFPROM fuses, potentially compromising device security and enabling further attacks.

🟠 Likely Case

Local attackers with user-level driver access could read sensitive hardware configuration data, though writing to protected fuse regions may be restricted by hardware protections.

🟢 If Mitigated

With proper driver permissions and hardware protections, impact is limited to authorized processes accessing only non-sensitive fuse regions.

🌐 Internet-Facing: LOW - Requires local access to driver interfaces, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local attackers with driver access could exploit, but requires specific privileges and vulnerable configuration.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and driver manipulation; hardware protections may limit impact.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm November 2025 security bulletin for specific versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected chipset/driver versions.
2. Obtain updated firmware/drivers from device manufacturer.
3. Apply updates following manufacturer instructions.
4. Reboot device to activate fixes.

🔧 Temporary Workarounds

Restrict driver permissions (Linux)

Limit access to QFPROM driver interfaces to trusted processes only

# Review and restrict /dev/qfprom* device permissions
# Use SELinux/AppArmor policies to limit access
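
One way to carry out the permission review above, as an added example (not Qualcomm or vendor code). The function name audit_qfprom_nodes and the policy it applies (flag any access for "other" and any group write bit) are assumptions to adjust for your platform; the /dev/qfprom* pattern is the one named on this page.

```shell
#!/bin/sh
# Added example (not vendor code): flag qfprom device nodes with loose modes.
# Usage: audit_qfprom_nodes [DIR]   (DIR defaults to /dev)
# Prints one line per node matching DIR/qfprom* that grants any access to
# "other" or write access to "group". Returns 1 if any were found, else 0.
audit_qfprom_nodes() {
    dir="${1:-/dev}"
    found=0
    for node in "$dir"/qfprom*; do
        # An unmatched glob stays literal; skip it.
        [ -e "$node" ] || continue
        # stat -c is the GNU coreutils / toybox syntax: octal mode, owner:group.
        info=$(stat -c '%a %U:%G' "$node") || continue
        mode=${info%% *}
        owner=${info#* }
        # Take the last two octal digits as strings so a leading zero is
        # never misread by shell arithmetic.
        rest=${mode%?}
        other=${mode#"$rest"}
        group=${rest#"${rest%?}"}
        group=${group:-0}
        reason=""
        if [ "$other" != "0" ]; then
            reason="other-access"
        fi
        if [ $((group & 2)) -ne 0 ]; then
            reason="${reason:+$reason,}group-write"
        fi
        if [ -n "$reason" ]; then
            printf '%s mode=%s owner=%s reason=%s\n' \
                "$node" "$mode" "$owner" "$reason"
            found=1
        fi
    done
    [ "$found" -eq 0 ]
}
```

Run audit_qfprom_nodes with no argument on the device; a non-zero exit status means at least one node needs review against the intended owner, group and SELinux/AppArmor policy.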

🧯 If You Can't Patch

  • Implement strict access controls on driver interfaces
  • Monitor for unusual QFPROM access patterns in system logs

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm chipset version and driver dates against November 2025 bulletin; examine /dev/qfprom* device permissions

Check Version:

# Check Qualcomm chipset
grep -i qualcomm /proc/cpuinfo
# Check driver versions in /sys/class/misc/ or dmesg

Verify Fix Applied:

Verify updated firmware/driver versions match Qualcomm patched versions; confirm restricted device permissions

📡 Detection & Monitoring

Log Indicators:

  • Unusual QFPROM device access in kernel logs
  • Failed permission attempts on /dev/qfprom* devices

Network Indicators:

  • Not applicable - local vulnerability only

SIEM Query:

source="kernel" AND ("qfprom" OR "QFPROM") AND (access OR permission OR denied)
