CVE-2025-47319
published 2025-12-18CVE-2025-47319: Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
PriorityP424medium6.7CVSS 3.1
AVLACLPRHUINSCCHILAN
EPSS
0.08%
0.3th percentile
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
Affected
120 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| linux | linux_kernel | >= 0 < 4.4.0-273.307 | 4.4.0-273.307 |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
CVSS provenance
nvdv3.16.7MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N
osv5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Android
CVE-2025-47319: Closed-source component
vendor_android·2025-12-01·CVSS 6.7
CVE-2025-47319 [MEDIUM] CVE-2025-47319: Closed-source component
Android Security Bulletin 2025-12-01
CVE: CVE-2025-47319
Severity: CRITICAL
Component: Closed-source component
References: A-421905250*
GHSA
GHSA-v8xj-9mr9-jmpq: Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
ghsa_unreviewed·2025-12-18
CVE-2025-47319 [MEDIUM] CWE-497 GHSA-v8xj-9mr9-jmpq: Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
OSV
linux-aws vulnerabilities
osv·2025-10-21·CVSS 5.5
CVE-2025-38618 linux-aws vulnerabilities
linux-aws vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Virtio block driver;
- Media drivers;
- Network drivers;
- Framebuffer layer;
- BTRFS file system;
- Ext4 file system;
- Network file system (NFS) server daemon;
- Packet sockets;
- VMware vSockets driver;
(CVE-2025-38618, CVE-2024-35849, CVE-2025-37785, CVE-2024-49924,
CVE-2025-38617, CVE-2024-27078, CVE-2021-47149, CVE-2021-47319,
CVE-2025-21796, CVE-2021-47589)
OSV
linux-aws, linux-lts-xenial vulnerabilities
osv·2025-10-02·CVSS 5.5
CVE-2024-49924 linux-aws, linux-lts-xenial vulnerabilities
linux-aws, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Virtio block driver;
- Media drivers;
- Network drivers;
- Framebuffer layer;
- BTRFS file system;
- Ext4 file system;
- Network file system (NFS) server daemon;
- Packet sockets;
- VMware vSockets driver;
(CVE-2024-49924, CVE-2021-47149, CVE-2025-21796, CVE-2025-38617,
CVE-2021-47589, CVE-2021-47319, CVE-2024-27078, CVE-2025-38618,
CVE-2025-37785, CVE-2024-35849)
OSV
linux, linux-kvm vulnerabilities
osv·2025-10-02·CVSS 5.5
CVE-2025-38618 linux, linux-kvm vulnerabilities
linux, linux-kvm vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Virtio block driver;
- Media drivers;
- Network drivers;
- Framebuffer layer;
- BTRFS file system;
- Ext4 file system;
- Network file system (NFS) server daemon;
- Packet sockets;
- VMware vSockets driver;
(CVE-2025-38618, CVE-2024-35849, CVE-2025-37785, CVE-2024-49924,
CVE-2025-38617, CVE-2024-27078, CVE-2021-47149, CVE-2021-47319,
CVE-2025-21796, CVE-2021-47589)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-12-18
Published