CVE-2025-47406 - Vulnerability Details - OpenCVE

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Qualcomm	Snapdragon

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Qualcomm	Snapdragon

References

Link	Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html

History

Mon, 04 May 2026 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Qualcomm Qualcomm snapdragon
Vendors & Products		Qualcomm Qualcomm snapdragon

Mon, 04 May 2026 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 04 May 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
Title		Buffer Over-read in DSP Service
Weaknesses		CWE-126
References		https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html
Metrics		cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L'}`

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2026-05-04T16:43:12.203Z

Updated: 2026-05-04T17:50:51.545Z

Reserved: 2025-05-06T08:33:16.277Z

Link: CVE-2025-47406

Vulnrichment

Updated: 2026-05-04T17:46:29.428Z

NVD

Status : Received

Published: 2026-05-04T17:16:20.957

Modified: 2026-05-04T17:16:20.957

Link: CVE-2025-47406

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-04T20:15:07Z

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-47406", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "state": "PUBLISHED", "assignerShortName": "qualcomm", "dateReserved": "2025-05-06T08:33:16.277Z", "datePublished": "2026-05-04T16:43:12.203Z", "dateUpdated": "2026-05-04T17:50:51.545Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Snapdragon Compute", "Snapdragon Industrial IOT"], "product": "Snapdragon", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "Cologne"}, {"status": "affected", "version": "FastConnect 6700"}, {"status": "affected", "version": "FastConnect 6900"}, {"status": "affected", "version": "FastConnect 7800"}, {"status": "affected", "version": "IQX5121"}, {"status": "affected", "version": "IQX7181"}, {"status": "affected", "version": "QCA0000"}, {"status": "affected", "version": "QCM5430"}, {"status": "affected", "version": "QCM6490"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform"}, {"status": "affected", "version": "SC8380XP"}, {"status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute"}, {"status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform"}, {"status": "affected", "version": "WCD9370"}, {"status": "affected", "version": "WCD9375"}, {"status": "affected", "version": "WCD9378C"}, {"status": "affected", "version": "WCD9380"}, {"status": "affected", "version": "WCD9385"}, {"status": "affected", "version": "WSA8830"}, {"status": "affected", "version": "WSA8835"}, {"status": "affected", "version": "WSA8840"}, {"status": "affected", "version": "WSA8845"}, {"status": "affected", "version": "WSA8845H"}, {"status": "affected", "version": "X2000077"}, {"status": "affected", "version": "X2000086"}, {"status": "affected", "version": "X2000090"}, {"status": "affected", "version": "X2000092"}, {"status": "affected", "version": "X2000094"}, {"status": "affected", "version": "XG101002"}, {"status": "affected", "version": "XG101032"}, {"status": "affected", "version": "XG101039"}]}], "descriptions": [{"lang": "en", "value": "Information Disclosure while processing IOCTL handler callbacks without verifying buffer size."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2026-05-04T16:43:12.203Z"}, "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html"}], "title": "Buffer Over-read in DSP Service"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-04T17:41:53.544004Z", "id": "CVE-2025-47406", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-04T17:50:51.545Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-47406", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-05-04T17:41:53.544004Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-04T17:46:29.428Z"}}], "cna": {"title": "Buffer Over-read in DSP Service", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Qualcomm, Inc.", "product": "Snapdragon", "versions": [{"status": "affected", "version": "Cologne"}, {"status": "affected", "version": "FastConnect 6700"}, {"status": "affected", "version": "FastConnect 6900"}, {"status": "affected", "version": "FastConnect 7800"}, {"status": "affected", "version": "IQX5121"}, {"status": "affected", "version": "IQX7181"}, {"status": "affected", "version": "QCA0000"}, {"status": "affected", "version": "QCM5430"}, {"status": "affected", "version": "QCM6490"}, {"status": "affected", "version": "Qualcomm Video Collaboration VC3 Platform"}, {"status": "affected", "version": "SC8380XP"}, {"status": "affected", "version": "Snapdragon 7c+ Gen 3 Compute"}, {"status": "affected", "version": "Snapdragon 8cx Gen 3 Compute Platform"}, {"status": "affected", "version": "WCD9370"}, {"status": "affected", "version": "WCD9375"}, {"status": "affected", "version": "WCD9378C"}, {"status": "affected", "version": "WCD9380"}, {"status": "affected", "version": "WCD9385"}, {"status": "affected", "version": "WSA8830"}, {"status": "affected", "version": "WSA8835"}, {"status": "affected", "version": "WSA8840"}, {"status": "affected", "version": "WSA8845"}, {"status": "affected", "version": "WSA8845H"}, {"status": "affected", "version": "X2000077"}, {"status": "affected", "version": "X2000086"}, {"status": "affected", "version": "X2000090"}, {"status": "affected", "version": "X2000092"}, {"status": "affected", "version": "X2000094"}, {"status": "affected", "version": "XG101002"}, {"status": "affected", "version": "XG101032"}, {"status": "affected", "version": "XG101039"}], "platforms": ["Snapdragon Compute", "Snapdragon Industrial IOT"], "defaultStatus": "unaffected"}], "references": [{"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html"}], "descriptions": [{"lang": "en", "value": "Information Disclosure while processing IOCTL handler callbacks without verifying buffer size."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read"}]}], "providerMetadata": {"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm", "dateUpdated": "2026-05-04T16:43:12.203Z"}}}, "cveMetadata": {"cveId": "CVE-2025-47406", "state": "PUBLISHED", "dateUpdated": "2026-05-04T17:50:51.545Z", "dateReserved": "2025-05-06T08:33:16.277Z", "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "datePublished": "2026-05-04T16:43:12.203Z", "assignerShortName": "qualcomm"}, "dataVersion": "5.2"}

{"affected": [{"configurations": [{"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "Cologne"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "FastConnect 6700"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "FastConnect 6900"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "FastConnect 7800"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "IQX5121"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "IQX7181"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "QCA0000"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "QCM5430"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "QCM6490"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "Qualcomm Video Collaboration VC3 Platform"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "SC8380XP"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "Snapdragon 7c+ Gen 3 Compute"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "Snapdragon 8cx Gen 3 Compute Platform"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WCD9370"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WCD9375"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WCD9378C"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WCD9380"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WCD9385"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WSA8830"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WSA8835"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WSA8840"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WSA8845"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "WSA8845H"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "X2000077"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "X2000086"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "X2000090"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "X2000092"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "X2000094"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "XG101002"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "XG101032"}}, {"platform": ["snapdragon_compute", "snapdragon_industrial_iot"], "status": "affected", "versions": {"scheme": "generic", "value": "XG101039"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Snapdragon", "source": "cna", "vendor": "Qualcomm, Inc."}, "product": "snapdragon", "vendor": "qualcomm"}], "created": "2026-05-04T18:30:06.107961+00:00", "updated": "2026-05-04T20:15:07.934391+00:00", "vendors": ["qualcomm", "qualcomm$PRODUCT$snapdragon"]}