CVE-2025-47376
Published: 02 March 2026
Summary
CVE-2025-47376 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Ar8031 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-4 (Information in Shared System Resources) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Implements memory protection mechanisms such as address space layout randomization and data execution prevention that directly mitigate use-after-free vulnerabilities from concurrent access to shared buffers during IOCTL calls.
Prevents unauthorized and unintended information transfer or modification via shared system resources like buffers used in IOCTL operations, addressing concurrent access race conditions.
Mandates timely flaw remediation through application of Qualcomm's vendor-specific patches for this memory corruption vulnerability as detailed in their security bulletin.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local UAF in Qualcomm IOCTL driver directly provides arbitrary kernel code execution from low-privileged user context, enabling privilege escalation.
NVD Description
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
Deeper analysisAI
CVE-2025-47376 is a memory corruption vulnerability caused by concurrent access to a shared buffer during IOCTL calls, classified under CWE-416 (Use After Free). It affects Qualcomm components, as detailed in the vendor's security bulletin.
The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating it can be exploited by a local attacker with low privileges and low complexity, requiring no user interaction. Successful exploitation allows high-impact compromise of confidentiality, integrity, and availability, potentially enabling arbitrary code execution or system crashes through manipulated IOCTL operations.
Qualcomm's March 2026 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html provides details on affected products and recommended mitigations or patches. Security practitioners should consult this advisory for version-specific remediation steps.
Details
- CWE(s)