Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS Vector (NVD)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description (CVE.org)
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
Analysis (AI)
Local privilege escalation in Qualcomm Snapdragon chipsets allows authenticated users to corrupt kernel memory during digital signal processor (DSP) process creation, leading to arbitrary code execution with high confidentiality, integrity, and availability impact. The flaw lies in allocation-failure handling at the kernel level. Qualcomm has published remediation details in its May 2026 security bulletin. No active exploitation or public exploit code had been identified at the time of analysis, though EPSS data is not available to assess probabilistic risk.
Technical Context (AI)
This vulnerability affects the Digital Signal Processor (DSP) subsystem found in Qualcomm Snapdragon chipsets, which are system-on-chip platforms widely used in mobile devices, IoT devices, and embedded systems. The vulnerability is a Time-of-Check Time-of-Use (TOCTOU) race condition (CWE-367) occurring during DSP process creation when kernel-level memory allocation fails. DSPs handle computationally intensive tasks like signal processing, audio/video codecs, and sensor fusion. The race condition allows an attacker with local system access to manipulate memory state between validation and use, corrupting kernel memory structures. The CPE identifier indicates broad impact across Qualcomm Snapdragon product lines, though specific affected chipset models and firmware versions are detailed in the vendor bulletin. The kernel-level nature means successful exploitation breaks out of user-space constraints to achieve kernel code execution.
Remediation (AI)
Apply firmware updates containing Qualcomm's patch for CVE-2025-47407 as documented in the May 2026 Security Bulletin at https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html. Device owners should check with their OEM vendor for device-specific firmware updates incorporating this fix, as Qualcomm supplies patches to manufacturers who then release them to end users. For enterprise mobile device management, prioritize update deployment to devices with multiple user accounts, administrative privileges, or access to sensitive data.
If patches are unavailable for legacy devices no longer receiving updates, compensating controls include restricting local user access, disabling unnecessary DSP-dependent features if operationally feasible, enforcing application sandboxing through SELinux or equivalent mandatory access controls, and monitoring for abnormal DSP process creation patterns through kernel audit logs. Note that disabling DSP features may significantly degrade device multimedia performance and sensor capabilities.
Consider decommissioning unpatched devices in high-security contexts where local access by potentially untrusted users is possible.
EUVD-2025-209632