Buffer Copy Without Checking Size of Input in Camera

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.

Basic Information

ID CVE-2025-47399

Source qualcomm

Published Feb 2, 2026 at 15:20

Affected Product

Vendor Qualcomm, Inc.

Product Snapdragon

Version Cologne

Affected Versions Qualcomm, Inc. Snapdragon Cologne
Qualcomm, Inc. Snapdragon FastConnect 7800
Qualcomm, Inc. Snapdragon WCD9378C
Qualcomm, Inc. Snapdragon WSA8840
Qualcomm, Inc. Snapdragon WSA8845
Qualcomm, Inc. Snapdragon WSA8845H
Qualcomm, Inc. Snapdragon X2000077
Qualcomm, Inc. Snapdragon X2000086
Qualcomm, Inc. Snapdragon X2000090
Qualcomm, Inc. Snapdragon X2000092
Qualcomm, Inc. Snapdragon X2000094
Qualcomm, Inc. Snapdragon XG101002
Qualcomm, Inc. Snapdragon XG101032
Qualcomm, Inc. Snapdragon XG101039

CWE Classification

CWE-120

References

docs.qualcomm.com /product/publicresources/securitybulletin/february-2026-bulletin.html

{
    "lastseen": "",
    "description": "Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.",
    "published": "2026-02-02T15:20:45.927Z",
    "modified": "2026-02-02T15:20:45.927Z",
    "type": "cve",
    "title": "Buffer Copy Without Checking Size of Input in Camera",
    "source": "qualcomm",
    "references": "https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2026-bulletin.html",
    "id": "CVE-2025-47399",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120"
    ],
    "cvelist": null,
    "sourceData": "Qualcomm, Inc. Snapdragon Cologne\nQualcomm, Inc. Snapdragon FastConnect 7800\nQualcomm, Inc. Snapdragon WCD9378C\nQualcomm, Inc. Snapdragon WSA8840\nQualcomm, Inc. Snapdragon WSA8845\nQualcomm, Inc. Snapdragon WSA8845H\nQualcomm, Inc. Snapdragon X2000077\nQualcomm, Inc. Snapdragon X2000086\nQualcomm, Inc. Snapdragon X2000090\nQualcomm, Inc. Snapdragon X2000092\nQualcomm, Inc. Snapdragon X2000094\nQualcomm, Inc. Snapdragon XG101002\nQualcomm, Inc. Snapdragon XG101032\nQualcomm, Inc. Snapdragon XG101039",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Snapdragon",
    "version": "Cologne",
    "vendor": "Qualcomm, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Buffer Copy Without Checking Size of Input in Camera_CVE-2025-47399