Qualcomm Multiple Chipsets Use-After-Free Vulnerability (CVE-2025-27038)

Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

Published Jun 3, 2025 · Updated May 17, 2026

Why patchRisk explained in plain English

Worst-case scenarioIf unpatched

A remote attacker, without authentication, can achieve full data confidentiality loss, arbitrary modification of data, complete denial of service or system unavailability. Federal agencies are required to remediate by 2025-06-24 under CISA BOD 22-01.

How the attack worksNo clicks needed

This is a Use After Free (CWE-416) vulnerability in Qualcomm Multiple Chipsets. Memory corruption while rendering graphics using Adreno GPU drivers in Chrome. Exploitation requires remote network access, higher attack complexity, no authentication required, and user interaction required.

📧

Phishing link

→

🖼

Malicious file

🔓

Server compromised

Am I affected?Quick check

Probably yes if any of these apply:

●IT Security

●Running ar8031 firmware: -; csra6620 firmware: -; csra6640 firmware: -; fastconnect 7800 firmware: -; qca2066 firmware: -; qca6391 firmware: -; qcm6125 firmware: -; qcm8550 firmware: -; qcn9011 firmware: -; qcn9012 firmware: -; qcs6125 firmware: -; qcs8550 firmware: -; video collaboration vc1 platform firmware: -; sm6475 firmware: -; sm6650 firmware: -; sm6650p firmware: -; sm7435 firmware: -; sm7635 firmware: -; sm7635p firmware: -; smart audio 400 platform firmware: -; snapdragon 4 gen 2 mobile platform firmware: -; snapdragon 6 gen 1 mobile platform firmware: -; snapdragon 680 4g mobile platform firmware: -; snapdragon 685 4g mobile platform \(sm6225-ad\) firmware: -; snapdragon w5\+ gen 1 wearable platform firmware: -; sw5100 firmware: -; sw5100p firmware: -; wcd9335 firmware: -; wcd9370 firmware: -; wcd9375 firmware: -; wcd9378 firmware: -; wcd9385 firmware: -; wcd9395 firmware: -; wcn3950 firmware: -; wcn3980 firmware: -; wcn3988 firmware: -; wcn6650 firmware: -; wcn6740 firmware: -; wcn6755 firmware: -; wsa8810 firmware: -; wsa8815 firmware: -; wsa8830 firmware: -; wsa8832 firmware: -; wsa8835 firmware: -

Real-world incidentsWhat we've seen

CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2025-06-03 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2025-06-24.

How to patch

Manual remediation steps

Identify affected hosts: query inventory for general installs in scope.

Apply the vendor security update referenced in CVE-2025-27038's advisory. No specific KB/version is encoded yet — consult the linked MSRC/vendor URL.

Verify the fix per the vendor's published verification steps.

Document the remediation in your change ticket and re-scan with your vulnerability scanner to confirm closure.

PowerShell automationComing soon

No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.

References

↗ CVE-2025-27038 ↗ MSRC Advisory ↗ NVD ↗ Vendor Advisory