CVE-2025-47406 PUBLISHED

Buffer Over-read in DSP Service

Assigner: qualcomm
Reserved: 06.05.2025 Published: 04.05.2026 Updated: 04.05.2026

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CVSS Score: 6.1

CVSS 3.1

Vendor	Qualcomm, Inc.
Product	Snapdragon
Versions	Default: unaffected Version Cologne is affected Version FastConnect 6700 is affected Version FastConnect 6900 is affected Version FastConnect 7800 is affected Version IQX5121 is affected Version IQX7181 is affected Version QCA0000 is affected Version QCM5430 is affected Version QCM6490 is affected Version Qualcomm Video Collaboration VC3 Platform is affected Version SC8380XP is affected Version Snapdragon 7c+ Gen 3 Compute is affected Version Snapdragon 8cx Gen 3 Compute Platform is affected Version WCD9370 is affected Version WCD9375 is affected Version WCD9378C is affected Version WCD9380 is affected Version WCD9385 is affected Version WSA8830 is affected Version WSA8835 is affected Version WSA8840 is affected Version WSA8845 is affected Version WSA8845H is affected Version X2000077 is affected Version X2000086 is affected Version X2000090 is affected Version X2000092 is affected Version X2000094 is affected Version XG101002 is affected Version XG101032 is affected Version XG101039 is affected