CVE-2025-47379
Published: 02 March 2026
Summary
CVE-2025-47379 is a high-severity Use After Free (CWE-416) vulnerability in Qualcomm Sa8295P Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Implements memory protection mechanisms such as non-executable memory and address randomization to directly prevent exploitation of use-after-free memory corruption in shared buffers.
Requires timely remediation of flaws through vendor patches, directly addressing the specific synchronization defect in Qualcomm components as outlined in the security bulletin.
Prevents unauthorized and unintended information transfer via shared system resources, mitigating risks from concurrent access to improperly synchronized shared buffers.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Use-after-free memory corruption in Qualcomm components enables local arbitrary code execution for privilege escalation.
NVD Description
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Deeper analysisAI
CVE-2025-47379 is a memory corruption vulnerability stemming from improper synchronization between the assignment and deallocation of shared buffer resources, which allows concurrent access to the buffer. This issue, classified under CWE-416 (Use After Free), affects certain Qualcomm components as detailed in the vendor's security bulletin. The vulnerability received a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.
A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation could result in high confidentiality, integrity, and availability impacts, such as arbitrary code execution, data tampering, or system crashes on the affected device.
Qualcomm's March 2026 security bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html provides guidance on mitigation, including recommended patches and updates for affected products. Security practitioners should review the bulletin for specific firmware or driver updates applicable to their environments.
Details
- CWE(s)