Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged
Permalink CVE-2026-21376
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 week, 1 day ago
Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.

Affected products

Snapdragon
  • ==Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
  • ==WCD9370
  • ==X2000092
  • ==QCA6391
  • ==Snapdragon 8cx Compute Platform
  • ==XG101039
  • ==X2000086
  • ==Snapdragon 8cx Compute Platform "Poipu Pro"
  • ==WSA8832
  • ==Snapdragon 460 Mobile Platform
  • ==FastConnect 7800
  • ==FastConnect 6700
  • ==XG101002
  • ==WCN3950
  • ==X2000094
  • ==Snapdragon 8cx Gen 2 5G Compute Platform
  • ==Snapdragon AR1 Gen 1 Platform
  • ==WCD9385
  • ==QCM5430
  • ==FastConnect 6200
  • ==Cologne
  • ==Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
  • ==SC8380XP
  • ==FastConnect 6900
  • ==QCM6490
  • ==WCD9380
  • ==WSA8840
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
  • ==Snapdragon 8cx Gen 3 Compute Platform
  • ==QCA6420
  • ==WCD9340
  • ==WCD9378C
  • ==WCN3988
  • ==WSA8835
  • ==WSA8845
  • ==QCA0000
  • ==FastConnect 6800
  • ==WSA8830
  • ==Snapdragon 662 Mobile Platform
  • ==WSA8810
  • ==WSA8845H
  • ==WCD9341
  • ==WCD9375
  • ==AQT1000
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==Snapdragon 8c Compute Platform "Poipu Lite"
  • ==X2000077
  • ==X2000090
  • ==WSA8815
  • ==SM6250
  • ==QCA6430
  • ==Snapdragon 7c Compute Platform
  • ==XG101032

Matching in nixpkgs