CVE-2025-47367
📋 TL;DR
This CVE describes a memory corruption vulnerability in Qualcomm IOCTL processing that could allow attackers to execute arbitrary code or cause denial of service. It affects systems using vulnerable Qualcomm components, potentially including mobile devices, IoT devices, and embedded systems with Qualcomm chipsets.
💻 Affected Systems
- Qualcomm chipsets and associated firmware
📦 What is this software?
Snapdragon 7c\+ Gen 3 Compute Firmware by Qualcomm
View all CVEs affecting Snapdragon 7c\+ Gen 3 Compute Firmware →
Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Ab\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Ab\) Firmware →
Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Bb\) Firmware by Qualcomm
View all CVEs affecting Snapdragon 8cx Gen 3 Compute Platform \(sc8280xp Bb\) Firmware →
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution with kernel privileges leading to complete system compromise
Likely Case
Local privilege escalation or denial of service affecting device stability
If Mitigated
Limited impact with proper memory protections and exploit mitigations
🎯 Exploit Status
Requires local access or ability to send IOCTL commands; memory corruption exploitation requires specific conditions
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Qualcomm November 2025 security bulletin for specific versions
Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2025-bulletin.html
Restart Required: Yes
Instructions:
1. Check Qualcomm advisory for affected components 2. Obtain updated firmware/drivers from device manufacturer 3. Apply patches following vendor instructions 4. Reboot system
🔧 Temporary Workarounds
Restrict IOCTL access
linuxLimit access to vulnerable IOCTL interfaces using SELinux/AppArmor policies
# Example SELinux policy to restrict device access
# Requires custom policy development for specific device
Disable unnecessary drivers
linuxRemove or disable Qualcomm drivers not required for system operation
modprobe -r [driver_name]
# Replace [driver_name] with specific vulnerable driver
🧯 If You Can't Patch
- Implement strict access controls to prevent unauthorized users from accessing device interfaces
- Deploy exploit mitigation technologies (ASLR, DEP, stack canaries) to reduce exploit success
🔍 How to Verify
Check if Vulnerable:
Check Qualcomm chipset version and compare against patched versions in advisoryCheck Version:
cat /proc/cpuinfo | grep -i qualcommVerify Fix Applied:
Verify firmware/driver version matches patched version from Qualcomm bulletin📡 Detection & Monitoring
Log Indicators:
- Unusual IOCTL calls to Qualcomm drivers
- Kernel panic or crash logs related to memory corruption
Network Indicators:
- Not applicable - local vulnerability
SIEM Query:
DeviceLogs | where DriverName contains "qualcomm" and Operation contains "IOCTL"