CVE-2025-47376

Q: What is the severity of CVE-2025-47376?

CVE-2025-47376 has a CVSS score of 7.8 (HIGH). This vulnerability allows memory corruption when multiple processes concurrently access a shared buffer during IOCTL calls in Qualcomm components. Attackers could potentially execute arbitrary code or cause system crashes. Affects systems using vulnerable Qualcomm hardware/drivers.

7.8 HIGH

📋 TL;DR

This vulnerability allows memory corruption when multiple processes concurrently access a shared buffer during IOCTL calls in Qualcomm components. Attackers could potentially execute arbitrary code or cause system crashes. Affects systems using vulnerable Qualcomm hardware/drivers.

💻 Affected Systems

Products:

Qualcomm chipsets with vulnerable drivers

Versions: Specific versions not detailed in reference; check Qualcomm advisory for affected chipset models

Operating Systems: Android, Linux-based systems using Qualcomm drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems with Qualcomm hardware where vulnerable drivers are loaded. Mobile devices and embedded systems are primary targets.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel mode, allowing complete system compromise and persistence.

🟠

Likely Case

System crash/denial of service or limited information disclosure from memory corruption.

🟢

If Mitigated

No impact if proper access controls prevent unauthorized users from making IOCTL calls.

🌐 Internet-Facing: LOW (requires local access to device, not directly exploitable over network)

🏢 Internal Only: MEDIUM (requires local access but could be exploited by malicious insiders or compromised accounts)

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to trigger concurrent IOCTL calls. Race condition exploitation can be challenging.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm March 2026 security bulletin for specific chipset firmware versions

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html

Restart Required: Yes

Instructions:

1. Check Qualcomm advisory for affected chipset models. 2. Obtain updated firmware/drivers from device manufacturer. 3. Apply patches following device-specific update procedures. 4. Reboot system.

🔧 Temporary Workarounds

Restrict IOCTL access

linux

Limit which users/groups can access device files that expose vulnerable IOCTL calls

chmod 600 /dev/qualcomm-device
setfacl -m u:root:rw /dev/qualcomm-device

Disable unnecessary drivers

linux

Unload vulnerable Qualcomm drivers if functionality is not required

rmmod vulnerable_driver_module

🧯 If You Can't Patch

Implement strict access controls to prevent non-privileged users from accessing Qualcomm device interfaces
Monitor for unusual IOCTL call patterns and system crashes that might indicate exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check Qualcomm chipset version and compare against advisory. Use: cat /proc/cpuinfo | grep -i qualcomm

Check Version:

dmesg | grep -i qualcomm OR cat /sys/class/qualcomm/version

Verify Fix Applied:

Verify driver/firmware version matches patched version from Qualcomm bulletin. Check system logs for successful driver updates.

📡 Detection & Monitoring

Log Indicators:

Multiple concurrent IOCTL calls to Qualcomm devices
System crashes with memory corruption errors
Kernel panic messages

Network Indicators:

Not network exploitable - focus on local system monitoring

SIEM Query:

EventID=6008 OR (Source="Kernel" AND Message="*corruption*" AND Process="*qualcomm*")

📊 Metadata

CVE ID: CVE-2025-47376

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

Published: March 2, 2026

Last Updated: March 4, 2026

🔗 References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8031 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Fastconnect 6200 Firmware by Qualcomm

Fastconnect 6700 Firmware by Qualcomm

Fastconnect 6800 Firmware by Qualcomm

Fastconnect 6900 Firmware by Qualcomm

Fastconnect 7800 Firmware by Qualcomm

Flight Rb5 5g Platform Firmware by Qualcomm

Fwa Gen 3 Ultra Firmware by Qualcomm

G1 Gen 1 Firmware by Qualcomm

Lemans Au Lgit Firmware by Qualcomm

Lemansau Firmware by Qualcomm

Mdm9250 Firmware by Qualcomm

Mdm9628 Firmware by Qualcomm

Milos Firmware by Qualcomm

Qam8255p Firmware by Qualcomm

Qam8295p Firmware by Qualcomm

Qamsrv1h Firmware by Qualcomm

Qamsrv1m Firmware by Qualcomm

Qca2066 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595 Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6678aq Firmware by Qualcomm

Qca6688aq Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca6698aq Firmware by Qualcomm

Qca6698au Firmware by Qualcomm

Qca6797aq Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca8695au Firmware by Qualcomm

Qca9367 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcc710 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4325 Firmware by Qualcomm

Qcm5430 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcn6224 Firmware by Qualcomm

Qcn6274 Firmware by Qualcomm

Qcn9011 Firmware by Qualcomm

Qcn9012 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qcs8550 Firmware by Qualcomm

Qep8111 Firmware by Qualcomm

Qfw7114 Firmware by Qualcomm

Qfw7124 Firmware by Qualcomm

Qrb5165m Firmware by Qualcomm

Qrb5165n Firmware by Qualcomm

Qualcomm 215 Mobile Platform Firmware by Qualcomm

Robotics Rb2 Platform Firmware by Qualcomm

Robotics Rb5 Platform Firmware by Qualcomm

Sa4150p Firmware by Qualcomm

Sa4155p Firmware by Qualcomm

Sa6145p Firmware by Qualcomm

Sa6150p Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa7255p Firmware by Qualcomm

Sa7775p Firmware by Qualcomm

Sa8145p Firmware by Qualcomm

Sa8150p Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sa8255p Firmware by Qualcomm

Sa8295p Firmware by Qualcomm