CVE-2025-27038

HIGH CISA KEV EPSS 52.1%
Published Jun 3, 20251y ago ยท Modified Jun 17, 20262w ago
7.5 CVSS 3.1
High
Find Similar
Published Jun 3, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
KEV Listed Jun 3, 2025 1y ago
KEV Due Jun 24, 2025 375d overdue

Description

Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

CVSS Details

Base Score
7.5
Exploitability
1.6
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

CISA Known Exploited Overdue 375d
Added
Jun 3, 2025
Due
Jun 24, 2025

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

EPSS Exploit Probability
52.1% percentile
Exploit & Patch Status
Actively Exploited (KEV)
No Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 88

VendorProductVersionRange
qualcommar8031_firmware*any
qualcommar8031*any
qualcommcsra6620_firmware*any
qualcommcsra6620*any
qualcommcsra6640_firmware*any
qualcommcsra6640*any
qualcommfastconnect_7800_firmware*any
qualcommfastconnect_7800*any
qualcommqca2066_firmware*any
qualcommqca2066*any
qualcommqca6391_firmware*any
qualcommqca6391*any
qualcommqcm6125_firmware*any
qualcommqcm6125*any
qualcommqcm8550_firmware*any
qualcommqcm8550*any
qualcommqcn9011_firmware*any
qualcommqcn9011*any
qualcommqcn9012_firmware*any
qualcommqcn9012*any
qualcommqcs6125_firmware*any
qualcommqcs6125*any
qualcommqcs8550_firmware*any
qualcommqcs8550*any
qualcommvideo_collaboration_vc1_platform_firmware*any
qualcommvideo_collaboration_vc1_platform*any
qualcommsm6475_firmware*any
qualcommsm6475*any
qualcommsm6650_firmware*any
qualcommsm6650*any
qualcommsm6650p_firmware*any
qualcommsm6650p*any
qualcommsm7435_firmware*any
qualcommsm7435*any
qualcommsm7635_firmware*any
qualcommsm7635*any
qualcommsm7635p_firmware*any
qualcommsm7635p*any
qualcommsmart_audio_400_platform_firmware*any
qualcommsmart_audio_400_platform*any
qualcommsnapdragon_4_gen_2_mobile_platform_firmware*any
qualcommsnapdragon_4_gen_2_mobile_platform*any
qualcommsnapdragon_6_gen_1_mobile_platform_firmware*any
qualcommsnapdragon_6_gen_1_mobile_platform*any
qualcommsnapdragon_680_4g_mobile_platform_firmware*any
qualcommsnapdragon_680_4g_mobile_platform*any
qualcommsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware*any
qualcommsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)*any
qualcommsnapdragon_w5\+_gen_1_wearable_platform_firmware*any
qualcommsnapdragon_w5\+_gen_1_wearable_platform*any
qualcommsw5100_firmware*any
qualcommsw5100*any
qualcommsw5100p_firmware*any
qualcommsw5100p*any
qualcommwcd9335_firmware*any
qualcommwcd9335*any
qualcommwcd9370_firmware*any
qualcommwcd9370*any
qualcommwcd9375_firmware*any
qualcommwcd9375*any
qualcommwcd9378_firmware*any
qualcommwcd9378*any
qualcommwcd9385_firmware*any
qualcommwcd9385*any
qualcommwcd9395_firmware*any
qualcommwcd9395*any
qualcommwcn3950_firmware*any
qualcommwcn3950*any
qualcommwcn3980_firmware*any
qualcommwcn3980*any
qualcommwcn3988_firmware*any
qualcommwcn3988*any
qualcommwcn6650_firmware*any
qualcommwcn6650*any
qualcommwcn6740_firmware*any
qualcommwcn6740*any
qualcommwcn6755_firmware*any
qualcommwcn6755*any
qualcommwsa8810_firmware*any
qualcommwsa8810*any
qualcommwsa8815_firmware*any
qualcommwsa8815*any
qualcommwsa8830_firmware*any
qualcommwsa8830*any
qualcommwsa8832_firmware*any
qualcommwsa8832*any
qualcommwsa8835_firmware*any
qualcommwsa8835*any

References 2

  • docs.qualcomm.com https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html
    Vendor Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-27038
    US Government Resource

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.