CVE-2025-47358

moderate-risk

Published 2026-02-02

Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Fastconnect 6900 Firmware

Fastconnect 7800 Firmware

Qcc2072 Firmware

Sc8380Xp Firmware

Snapdragon 8Cx Gen 3 Compute Platform Firmware

Wcd9378C Firmware

Wcd9380 Firmware

Wcd9385 Firmware

Wsa8830 Firmware

Wsa8835 Firmware

Wsa8840 Firmware

Wsa8845 Firmware

Wsa8845H Firmware

X2000077 Firmware

X2000086 Firmware

X2000090 Firmware

X2000092 Firmware

X2000094 Firmware

Xg101002 Firmware

Xg101032 Firmware

Qualcomm

Vendor Advisory https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2026...

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 20/34 · Moderate