TROYANOSYVIRUS
Volver a CVEs

CVE-2025-27038

HIGHCISA KEV
7.5

Descripcion

Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

Detalles CVE

Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadHIGH
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado6/3/2025
Ultima modificacion10/27/2025
Fuentekev
Avistamientos honeypot0

CISA KEV

VendedorQualcomm
ProductoMultiple Chipsets
Nombre vulnerabilidadQualcomm Multiple Chipsets Use-After-Free Vulnerability
Fecha inclusion KEV2025-06-03
Fecha limite remediacion2025-06-24
Uso en ransomwareUnknown

Productos afectados

qualcomm:ar8031qualcomm:ar8031_firmwarequalcomm:csra6620qualcomm:csra6620_firmwarequalcomm:csra6640qualcomm:csra6640_firmwarequalcomm:fastconnect_7800qualcomm:fastconnect_7800_firmwarequalcomm:qca2066qualcomm:qca2066_firmwarequalcomm:qca6391qualcomm:qca6391_firmwarequalcomm:qcm6125qualcomm:qcm6125_firmwarequalcomm:qcm8550qualcomm:qcm8550_firmwarequalcomm:qcn9011qualcomm:qcn9011_firmwarequalcomm:qcn9012qualcomm:qcn9012_firmwarequalcomm:qcs6125qualcomm:qcs6125_firmwarequalcomm:qcs8550qualcomm:qcs8550_firmwarequalcomm:sm6475qualcomm:sm6475_firmwarequalcomm:sm6650qualcomm:sm6650_firmwarequalcomm:sm6650pqualcomm:sm6650p_firmwarequalcomm:sm7435qualcomm:sm7435_firmwarequalcomm:sm7635qualcomm:sm7635_firmwarequalcomm:sm7635pqualcomm:sm7635p_firmwarequalcomm:smart_audio_400_platformqualcomm:smart_audio_400_platform_firmwarequalcomm:snapdragon_4_gen_2_mobile_platformqualcomm:snapdragon_4_gen_2_mobile_platform_firmwarequalcomm:snapdragon_680_4g_mobile_platformqualcomm:snapdragon_680_4g_mobile_platform_firmwarequalcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwarequalcomm:snapdragon_6_gen_1_mobile_platformqualcomm:snapdragon_6_gen_1_mobile_platform_firmwarequalcomm:snapdragon_w5\+_gen_1_wearable_platformqualcomm:snapdragon_w5\+_gen_1_wearable_platform_firmwarequalcomm:sw5100qualcomm:sw5100_firmwarequalcomm:sw5100pqualcomm:sw5100p_firmwarequalcomm:video_collaboration_vc1_platformqualcomm:video_collaboration_vc1_platform_firmwarequalcomm:wcd9335qualcomm:wcd9335_firmwarequalcomm:wcd9370qualcomm:wcd9370_firmwarequalcomm:wcd9375qualcomm:wcd9375_firmwarequalcomm:wcd9378qualcomm:wcd9378_firmwarequalcomm:wcd9385qualcomm:wcd9385_firmwarequalcomm:wcd9395qualcomm:wcd9395_firmwarequalcomm:wcn3950qualcomm:wcn3950_firmwarequalcomm:wcn3980qualcomm:wcn3980_firmwarequalcomm:wcn3988qualcomm:wcn3988_firmwarequalcomm:wcn6650qualcomm:wcn6650_firmwarequalcomm:wcn6740qualcomm:wcn6740_firmwarequalcomm:wcn6755qualcomm:wcn6755_firmwarequalcomm:wsa8810qualcomm:wsa8810_firmwarequalcomm:wsa8815qualcomm:wsa8815_firmwarequalcomm:wsa8830qualcomm:wsa8830_firmwarequalcomm:wsa8832qualcomm:wsa8832_firmwarequalcomm:wsa8835qualcomm:wsa8835_firmware

Debilidades (CWE)

CWE-416

Referencias

https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html(product-security@qualcomm.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-27038(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.