CVE-2025-47407
published 2026-05-04CVE-2025-47407: Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
PriorityP433high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
EPSS
0.05%
0.0th percentile
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
Affected
100 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Qualcomm Snapdragon Compute up to XRV9209 toctou
vuldb·2026-05-04·CVSS 7.8
CVE-2025-47407 [HIGH] Qualcomm Snapdragon Compute up to XRV9209 toctou
A vulnerability marked as critical has been reported in Qualcomm Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon MC, Snapdragon Mobile, Snapdragon WBC and Snapdragon Wearables. This issue affects some unknown processing. This manipulation causes time-of-check time-of-use.
This vulnerability is tracked as CVE-2025-47407. The attack is restricted to local execution. No exploit exists.
It is suggested to upgrade the affected component.
GHSA
GHSA-r2r9-jprh-4p9h: Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level
ghsa_unreviewed·2026-05-04
CVE-2025-47407 [HIGH] CWE-367 GHSA-r2r9-jprh-4p9h: Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-04
Published