CVE-2025-47397
Published: 02 February 2026
Summary
CVE-2025-47397 is a high-severity Missing Release of Memory after Effective Lifetime (CWE-401) vulnerability in Qualcomm Ar8031 Firmware. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 0.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Implements memory protection mechanisms that directly prevent unauthorized memory access and corruption arising from unchecked IOMMU mapping errors in GPU scatter-gather operations.
Validates scatter-gather list inputs to the GPU memory mapping process, preventing exploitation through malformed or unchecked data leading to IOMMU errors.
Requires timely flaw remediation via patching for this specific Qualcomm GPU vulnerability, eliminating the unchecked IOMMU mapping error.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local memory corruption vulnerability with low-priv access enabling arbitrary code execution and privilege escalation on affected systems.
NVD Description
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
Deeper analysis
CVE-2025-47397 is a memory corruption vulnerability that arises when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors. It is associated with CWE-401 (Memory Leak) and affects components in Qualcomm products, as documented in their security advisories. The vulnerability received a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity with significant impacts on confidentiality, integrity, and availability.
A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction required. Exploitation involves triggering the faulty GPU memory mapping process, leading to memory corruption that could enable arbitrary code execution, data tampering, or system crashes within the affected scope.
The Qualcomm February 2026 security bulletin provides details on affected products and mitigation, available at https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2026-bulletin.html. Security practitioners should consult this advisory for patch information and apply updates promptly to vulnerable devices.
Details
- CWE(s)