Industrial
CVE-2025-47398
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
AnalysisAI
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. [CVSS 7.8 HIGH]
Technical ContextAI
Classified as CWE-416 (Use After Free). Affects Qcm6490 Firmware. Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
RemediationAI
A vendor patch is available — apply it immediately.
More in Industrial
View allKede Electronics IoT smart water meter monitoring platform v1.0 has a SQL injection allowing attackers to compromise the
bulk_extractor digital forensics tool starting from version 1.4 has a heap buffer overflow in its embedded unrar code th
RustCrypto CMOV before 0.4.4 emits non-constant-time assembly on ARM Cortex-M0/M0+/M1 targets. Cryptographic operations
dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer overflow vulnerability that allows attackers to over
SQL injection in Koko Analytics for WordPress prior to version 2.1.3 allows unauthenticated attackers to inject maliciou
RustCrypto's SM2 elliptic curve implementation in versions 0.14.0-pre.0 and 0.14.0-rc.0 is vulnerable to denial-of-servi
free5GC SMF versions up to 1.4.1 crash when receiving malformed PFCP SessionReportRequest packets on UDP port 8805, allo
free5GC SMF versions up to 1.4.1 crash when processing malformed PFCP SessionReportRequest messages on the UDP/8805 inte
free5GC SMF versions up to 1.4.1 crash when processing malformed PFCP SessionReportRequest messages on the PFCP interfac
INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that ca
Mailpit versions up to 1.28.2 contains a vulnerability that allows attackers to intercept sensitive data such as email c
Authentication bypass via path traversal in ZBT WE2001 router's check_token function. EPSS 0.69% — crafted requests bypa
Same weakness CWE-416 – Use After Free
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today