Use After Free in Automotive Software platform based on QNX

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Memory corruption while handling repeated memory unmap requests from guest VM.

Basic Information

ID CVE-2025-47315

Source qualcomm

Published Sep 24, 2025 at 15:33

Affected Product

Vendor Qualcomm, Inc.

Product Snapdragon

Version QAM8255P

Affected Versions Qualcomm, Inc. Snapdragon QAM8255P
Qualcomm, Inc. Snapdragon QAM8295P
Qualcomm, Inc. Snapdragon QAM8620P
Qualcomm, Inc. Snapdragon QAM8650P
Qualcomm, Inc. Snapdragon QAM8775P
Qualcomm, Inc. Snapdragon QAMSRV1H
Qualcomm, Inc. Snapdragon QAMSRV1M
Qualcomm, Inc. Snapdragon QCA6574AU
Qualcomm, Inc. Snapdragon QCA6595
Qualcomm, Inc. Snapdragon QCA6595AU
Qualcomm, Inc. Snapdragon QCA6688AQ
Qualcomm, Inc. Snapdragon QCA6696
Qualcomm, Inc. Snapdragon QCA6698AQ
Qualcomm, Inc. Snapdragon QCA6797AQ
Qualcomm, Inc. Snapdragon SA7255P
Qualcomm, Inc. Snapdragon SA7775P
Qualcomm, Inc. Snapdragon SA8255P
Qualcomm, Inc. Snapdragon SA8295P
Qualcomm, Inc. Snapdragon SA8540P
Qualcomm, Inc. Snapdragon SA8620P
Qualcomm, Inc. Snapdragon SA8650P
Qualcomm, Inc. Snapdragon SA8770P
Qualcomm, Inc. Snapdragon SA8775P
Qualcomm, Inc. Snapdragon SA9000P
Qualcomm, Inc. Snapdragon SRV1H
Qualcomm, Inc. Snapdragon SRV1L
Qualcomm, Inc. Snapdragon SRV1M

CWE Classification

CWE-416

References

docs.qualcomm.com /product/publicresources/securitybulletin/september-2025-bulletin.html

{
    "lastseen": "",
    "description": "Memory corruption while handling repeated memory unmap requests from guest VM.",
    "published": "2025-09-24T15:33:47.312Z",
    "modified": "2025-09-24T15:33:47.312Z",
    "type": "cve",
    "title": "Use After Free in Automotive Software platform based on QNX",
    "source": "qualcomm",
    "references": "https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2025-bulletin.html",
    "id": "CVE-2025-47315",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "Qualcomm, Inc. Snapdragon QAM8255P\nQualcomm, Inc. Snapdragon QAM8295P\nQualcomm, Inc. Snapdragon QAM8620P\nQualcomm, Inc. Snapdragon QAM8650P\nQualcomm, Inc. Snapdragon QAM8775P\nQualcomm, Inc. Snapdragon QAMSRV1H\nQualcomm, Inc. Snapdragon QAMSRV1M\nQualcomm, Inc. Snapdragon QCA6574AU\nQualcomm, Inc. Snapdragon QCA6595\nQualcomm, Inc. Snapdragon QCA6595AU\nQualcomm, Inc. Snapdragon QCA6688AQ\nQualcomm, Inc. Snapdragon QCA6696\nQualcomm, Inc. Snapdragon QCA6698AQ\nQualcomm, Inc. Snapdragon QCA6797AQ\nQualcomm, Inc. Snapdragon SA7255P\nQualcomm, Inc. Snapdragon SA7775P\nQualcomm, Inc. Snapdragon SA8255P\nQualcomm, Inc. Snapdragon SA8295P\nQualcomm, Inc. Snapdragon SA8540P\nQualcomm, Inc. Snapdragon SA8620P\nQualcomm, Inc. Snapdragon SA8650P\nQualcomm, Inc. Snapdragon SA8770P\nQualcomm, Inc. Snapdragon SA8775P\nQualcomm, Inc. Snapdragon SA9000P\nQualcomm, Inc. Snapdragon SRV1H\nQualcomm, Inc. Snapdragon SRV1L\nQualcomm, Inc. Snapdragon SRV1M",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Snapdragon",
    "version": "QAM8255P",
    "vendor": "Qualcomm, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Use After Free in Automotive Software platform based on QNX_CVE-2025-47315