Transient DoS via Oversize Auth IE in 802.11 Frame
CVE-2025-47402 Published on February 2, 2026
Buffer Over-read in WLAN Firmware
Transient DOS when processing a received frame with an excessively large authentication information element.
Vulnerability Analysis
Weakness Type
Buffer Over-read
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. This typically occurs when the pointer or its index is incremented to a position beyond the bounds of the buffer or when pointer arithmetic results in a position outside of the valid memory location to name a few. This may result in exposure of sensitive information or possibly a crash.
Products Associated with CVE-2025-47402
stack.watch emails you whenever new vulnerabilities are published in Qualcomm Snapdragon or Google Android. Just hit a watch button to start following.
Affected Versions
Qualcomm, Inc. Snapdragon:- Version AR8035 is affected.
- Version Cologne is affected.
- Version FastConnect 6900 is affected.
- Version FastConnect 7800 is affected.
- Version FWA Gen 3 Ultra Platform is affected.
- Version LeMans_AU_LGIT is affected.
- Version LeMansAU is affected.
- Version Orne is affected.
- Version Palawan25 is affected.
- Version QAM8255P is affected.
- Version QAMSRV1H is affected.
- Version QAMSRV1M is affected.
- Version QCA6391 is affected.
- Version QCA6554A is affected.
- Version QCA6564AU is affected.
- Version QCA6574 is affected.
- Version QCA6574A is affected.
- Version QCA6574AU is affected.
- Version QCA6584AU is affected.
- Version QCA6595 is affected.
- Version QCA6595AU is affected.
- Version QCA6678AQ is affected.
- Version QCA6688AQ is affected.
- Version QCA6696 is affected.
- Version QCA6698AQ is affected.
- Version QCA6698AU is affected.
- Version QCA6777AQ is affected.
- Version QCA6787AQ is affected.
- Version QCA6797AQ is affected.
- Version QCA8081 is affected.
- Version QCA8337 is affected.
- Version QCC2073 is affected.
- Version QCC2076 is affected.
- Version QCC710 is affected.
- Version QCN6224 is affected.
- Version QCN6274 is affected.
- Version QCN9011 is affected.
- Version QCN9012 is affected.
- Version QCS8550 is affected.
- Version QFW7114 is affected.
- Version QFW7124 is affected.
- Version QMP1000 is affected.
- Version SA7255P is affected.
- Version SA7775P is affected.
- Version SA8255P is affected.
- Version SA8620P is affected.
- Version SA8770P is affected.
- Version SA9000P is affected.
- Version SAR2130P is affected.
- Version SM7675 is affected.
- Version SM7675P is affected.
- Version SM8635 is affected.
- Version SM8635P is affected.
- Version SM8650Q is affected.
- Version SM8750P is affected.
- Version Snapdragon 8 Elite is affected.
- Version Snapdragon 8 Gen 3 Mobile Platform is affected.
- Version Snapdragon Auto 5G Modem-RF Gen 2 is affected.
- Version Snapdragon X72 5G Modem-RF System is affected.
- Version Snapdragon X75 5G Modem-RF System is affected.
- Version SRV1H is affected.
- Version SRV1M is affected.
- Version SSG2115P is affected.
- Version SSG2125P is affected.
- Version SXR1230P is affected.
- Version SXR2250P is affected.
- Version WCD9340 is affected.
- Version WCD9370 is affected.
- Version WCD9375 is affected.
- Version WCD9378 is affected.
- Version WCD9378C is affected.
- Version WCD9380 is affected.
- Version WCD9385 is affected.
- Version WCD9390 is affected.
- Version WCD9395 is affected.
- Version WCN6755 is affected.
- Version WCN7860 is affected.
- Version WCN7861 is affected.
- Version WCN7880 is affected.
- Version WCN7881 is affected.
- Version WSA8830 is affected.
- Version WSA8832 is affected.
- Version WSA8835 is affected.
- Version WSA8840 is affected.
- Version WSA8845 is affected.
- Version WSA8845H is affected.
- Version X2000077 is affected.
- Version X2000086 is affected.
- Version X2000090 is affected.
- Version X2000092 is affected.
- Version X2000094 is affected.
- Version XG101002 is affected.
- Version XG101032 is affected.
- Version XG101039 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.