Skip to main content

Qamsrv1h Firmware CVE-2025-47393

HIGH
Improper Validation of Array Index (CWE-129)
2026-01-07 product-security@qualcomm.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 07, 2026 - 12:17 nvd
HIGH 7.8

DescriptionCVE.org

Memory corruption when accessing resources in kernel driver.

AnalysisAI

Memory corruption when accessing resources in kernel driver. [CVSS 7.8 HIGH]

Technical ContextAI

Classified as CWE-129 (Improper Validation of Array Index). Affects Qam8255P Firmware. Memory corruption when accessing resources in kernel driver.

RemediationAI

Monitor vendor advisories for a patch.

CVE-2026-21385 HIGH POC
7.8 Mar 02

A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memo

CVE-2024-21480 CRITICAL
9.8 May 06

Memory corruption while playing audio file having large-sized input buffer. Rated critical severity (CVSS 9.8), this vul

CVE-2024-21463 CRITICAL
9.8 Apr 01

Memory corruption while processing Codec2 during v13k decoder pitch synthesis. Rated critical severity (CVSS 9.8), this

CVE-2024-38408 CRITICAL
9.1 Nov 04

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic

CVE-2024-21456 CRITICAL
9.1 Jul 01

Information Disclosure while parsing beacon frame in STA. Rated critical severity (CVSS 9.1), this vulnerability is remo

CVE-2025-47345 HIGH
8.4 Jan 07

Cryptographic issue may occur while encrypting license data. [CVSS 8.4 HIGH]

CVE-2024-33035 HIGH
8.4 Sep 02

Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.

CVE-2024-23365 HIGH
8.4 Sep 02

Memory corruption while releasing shared resources in MinkSocket listener thread. Rated high severity (CVSS 8.4), this v

CVE-2024-23384 HIGH
8.4 Aug 05

Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker. Rated high severity (CVSS

CVE-2024-21481 HIGH
8.4 Aug 05

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. Rated high severity (

CVE-2024-45552 HIGH
8.2 Apr 07

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t

CVE-2024-53026 HIGH
8.2 Jun 03

CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL

Share

CVE-2025-47393 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy