Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed

Permalink CVE-2025-47381

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 2 weeks, 6 days ago by @LeSuisse Activity log

Created automatic suggestion 2 weeks, 6 days ago
@LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
@LeSuisse dismissed 2 weeks, 6 days ago

Use After Free in Automotive Audio

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-b…

Affected products

Snapdragon

==QAM8255P
==QCA6696
==SA8620P
==LeMansAU
==QCA6595AU
==QCA6595
==SA8255P
==SRV1M
==QAMSRV1M
==SA9000P
==SA7255P
==SA8195P
==SA6155P
==SA8770P
==QCA9367
==QCA6574
==SRV1H
==QCA6574AU
==QCA6574A
==SA7775P
==QAMSRV1H
==QCA6688AQ
==LeMans_AU_LGIT
==QCA9377
==SA8155P

Ignored packages (1)

pkgs.snapdragon-profiler

An profiler for Android devices running Snapdragon chips

nixos-unstable 2021.2
- nixpkgs-unstable 2021.2
- nixos-unstable-small 2021.2
nixos-25.11 2021.2
- nixos-25.11-small 2021.2
- nixpkgs-25.11-darwin 2021.2

Not present in nixpkgs