CVE-2025-47343— Untrusted Pointer Dereference in Video
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-47343
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Untrusted Pointer Dereference in Video
Source: NVD (National Vulnerability Database)
Vulnerability Description
Memory corruption while processing a video session to set video parameters.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
非可信指针解引用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Qualcomm Chipsets 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Qualcomm Chipsets是美国高通(Qualcomm)公司的一系列芯片组。 Qualcomm Chipsets存在安全漏洞,该漏洞源于处理视频会话以设置视频参数时发生内存损坏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon | Cologne | - |
II. Public POCs for CVE-2025-47343
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-47343
请登录查看更多情报信息。
Same Patch Batch · Qualcomm, Inc. · 2026-01-06 · 22 CVEs total
| CVE-2025-47345 | 8.4 HIGH | Reusing a Nonce, Key Pair in Encryption in Automotive Platform |
| CVE-2025-47394 | 7.8 HIGH | Buffer Copy Without Checking Size of Input in DSP Service |
| CVE-2025-47339 | 7.8 HIGH | Use After Free in HLOS |
| CVE-2025-47348 | 7.8 HIGH | Use of Uninitialized Variable in HLOS |
| CVE-2025-47346 | 7.8 HIGH | Out-of-bounds Write in HLOS |
| CVE-2025-47356 | 7.8 HIGH | Double Free in Video |
| CVE-2025-47380 | 7.8 HIGH | Untrusted Pointer Dereference in Camera |
| CVE-2025-47388 | 7.8 HIGH | Buffer Copy without Checking Size of Input in DSP Service |
| CVE-2025-47393 | 7.8 HIGH | Improper Validation of Array Index in Automotive Linux OS |
| CVE-2025-47396 | 7.8 HIGH | Double Free in Graphics |
| CVE-2025-47344 | 6.7 MEDIUM | Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver |
| CVE-2025-47337 | 6.7 MEDIUM | Use After Free in Camera Driver |
| CVE-2025-47336 | 6.7 MEDIUM | Use After Free in Camera Driver |
| CVE-2025-47335 | 6.7 MEDIUM | Buffer Copy Without Checking Size of Input in Camera Driver |
| CVE-2025-47334 | 6.7 MEDIUM | Buffer Copy Without Checking Size of Input in Camera Driver |
| CVE-2025-47332 | 6.7 MEDIUM | Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver |
| CVE-2025-47333 | 6.6 MEDIUM | Use After Free in HLOS |
| CVE-2025-47395 | 6.5 MEDIUM | Buffer Over-read in WLAN Firmware |
| CVE-2025-47331 | 6.1 MEDIUM | Buffer Over-read in Video |
| CVE-2025-47369 | 5.5 MEDIUM | Information Exposure in Computer Vision |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Snapdragon
Same vendor: Qualcomm, Inc.
Same weakness: CWE-822
- CVE-2025-47408
Untrusted Pointer Dereference in Power Optimization Firmware - CVE-2025-47405
Untrusted Pointer Dereference in Camera - CVE-2026-33114
Microsoft Word Remote Code Execution Vulnerability - CVE-2026-32077
Windows UPnP Device Host Elevation of Privilege Vulnerabilit - CVE-2026-27920
Windows UPnP Device Host Elevation of Privilege Vulnerabilit
V. Comments for CVE-2025-47343
No comments yet