CVE CVE

CVE-2025-27038

CISA Known Exploited Vulnerability (KEV)

Qualcomm Multiple Chipsets Use-After-Free Vulnerability

June 3, 2025

June 24, 2025

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

Weakness Enumeration

CWE-ID CWE Name

CWE-416
Use After Free

Known Affected Software Configurations


cpe:2.3:o:qualcomm:sm6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:sm7635_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_(sm6225-ad)_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:snapdragon_6_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:sm7435_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:snapdragon_4_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:smart_audio_400_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:snapdragon_w5+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*

cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*

Details

Source:
NVD
Published:
Updated:

Risk information

CVSS v3

Base score:
7.5
Severity:

HIGH

Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2

Not defined