Memory Corruption in Qualcomm Products Due to ELF Image Processing
CVE-2025-47372

9CRITICAL

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-47372?

A serious memory corruption vulnerability has been identified in Qualcomm's software when processing a corrupted ELF image. This issue arises when an oversized ELF file is read into a buffer without proper authentication checks. The flaw poses significant risks as it can lead to unintended behavior in the affected systems and may be exploited by malicious entities to compromise the integrity and reliability of the software. Users of Qualcomm products are advised to implement appropriate security measures and stay updated with the latest patches to mitigate this risk.

Affected Version(s)

Snapdragon Snapdragon Auto QAM8255P

Snapdragon Snapdragon Auto QAM8620P

Snapdragon Snapdragon Auto QAM8650P

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2025
Vulnerability Reserved
May 6, 2025

JSON