Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

With package: snapdragon-profiler

Found 12 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-25268
8.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 1 week, 2 days ago Activity log
  • Created suggestion
Stack-based Buffer Overflow in WLAN Host

Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.

Affected products

Snapdragon
  • ==Kobuk
  • ==WCN6755
  • ==Snapdragon 662 Mobile Platform
  • ==CQ7790
  • ==QCC710
  • ==QCM5430
  • ==QCF8000
  • ==Networking Pro 400 Platform
  • ==IPQ5010
  • ==FastConnect 7800
  • ==Networking Pro 800 Platform
  • ==IPQ9048
  • ==IPQ6010
  • ==QCA8085
  • ==Networking Pro 1610 Platform
  • ==IPQ6000
  • ==QCA8385
  • ==QCA8084
  • ==QCM6490
  • ==QCA8102
  • ==QCN9012
  • ==QCN6023
  • ==Marina
  • ==QCA8080
  • ==SDX81
  • ==QCN5052
  • ==QCN6412
  • ==SW-only
  • ==QFW7124
  • ==IPQ5332
  • ==QMX82L
  • ==WCN3988
  • ==Snapdragon X62 5G Modem-RF System
  • ==SDX61
  • ==QFW7224
  • ==Immersive Home 316 Platform
  • ==Immersive Home 318 Platform
  • ==Snapdragon Auto 5G Modem-RF
  • ==QCA0000
  • ==QCN9024
  • ==Networking Pro 810 Platform
  • ==Snapdragon X72 5G Modem-RF System
  • ==FWA Gen 5 Elite Platform
  • ==WCN3950
  • ==QCN6122
  • ==Immersive Home 3210 Platform
  • ==CQ8725S
  • ==WCD9340
  • ==IPQ5028
  • ==Networking Pro 1200 Platform
  • ==QCN9160
  • ==QCN5152
  • ==Immersive Home 326 Platform
  • ==IPQ8078
  • ==Snapdragon X65 5G Modem-RF System
  • ==FWA Gen 3 Ultra Platform
  • ==QFW7114
  • ==QCN5024
  • ==QCN6224
  • ==IPQ9570
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==QCA9888
  • ==QCA6174A
  • ==QCN5224
  • ==QCN6432
  • ==FastConnect 6900
  • ==WCD9375
  • ==QCA8082
  • ==QCA8081
  • ==5G Fixed Wireless Access Platform
  • ==QXM8083
  • ==QCN6112
  • ==QCA4024
  • ==QCN9274
  • ==QCA9889
  • ==QCA8101
  • ==IPQ9554
  • ==SAR2130P
  • ==FastConnect 6700
  • ==Snapdragon 460 Mobile Platform
  • ==Immersive Home 216 Platform
  • ==QMX85L
  • ==SDX65M
  • ==WCD9385
  • ==IPQ5302
  • ==QCA8386
  • ==QCA8111
  • ==CSR8811
  • ==WCD9380
  • ==QCA8384
  • ==QCN6402
  • ==Networking Pro 610 Platform
  • ==Immersive Home 214 Platform
  • ==WCN7881
  • ==WSA8832
  • ==QCN9013
  • ==WSA8835
  • ==QCN5154
  • ==QCN9100
  • ==QCF8001
  • ==QCN9000
  • ==IPQ9008
  • ==WSA8830
  • ==Orne
  • ==QCN5164
  • ==QCN6422
  • ==QCA8337
  • ==AR8035
  • ==IPQ5312
  • ==Networking Pro 600 Platform
  • ==QCN9070
  • ==IPQ9574
  • ==WCN7861
  • ==IPQ6018
  • ==IPQ5300
  • ==Snapdragon X75 5G Modem-RF System
  • ==QCN5022
  • ==QCN6024
  • ==WCD9370
  • ==QCA8075
  • ==Networking Pro 1210 Platform
  • ==QCN9022
  • ==IPQ8076
  • ==QCN5124
  • ==QCA8112
  • ==QCN6132
  • ==QCN5122
  • ==QCN6274

Matching in nixpkgs

Untriaged
Permalink CVE-2026-25271
7.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 1 week, 2 days ago Activity log
  • Created suggestion
Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.

Affected products

Snapdragon
  • ==X2000077
  • ==WSA8845
  • ==X2000094
  • ==FastConnect 6900
  • ==FastConnect 7800
  • ==IQX5121
  • ==QCA0000
  • ==WSA8845H
  • ==XG101039
  • ==XG101002
  • ==WSA8840
  • ==XG101032
  • ==IQX7181
  • ==X2000090
  • ==X2000092
  • ==Cologne
  • ==WCD9385
  • ==WCD9380
  • ==SC8380XP
  • ==WCD9378C
  • ==X2000086

Matching in nixpkgs

Untriaged
Permalink CVE-2025-59616
6.6 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): Required (R)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): High (H)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): Low (L)
created 1 week, 2 days ago Activity log
  • Created suggestion
Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory.

Affected products

Snapdragon
  • ==WCN7881
  • ==WSA8832
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==WCD9378
  • ==Snapdragon 662 Mobile Platform
  • ==WSA8835
  • ==QCM5430
  • ==WSA8845
  • ==WCN3988
  • ==WCN7760
  • ==FastConnect 6900
  • ==WCD9375
  • ==WCN6450
  • ==WSA8830
  • ==Orne
  • ==QMP1000
  • ==WSA8850
  • ==FastConnect 7800
  • ==Pandeiro
  • ==WCN7861
  • ==WSA8855C
  • ==WSA8845H
  • ==WCN3950
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==QCM6490
  • ==SM6850
  • ==Snapdragon 460 Mobile Platform
  • ==WCN7860
  • ==FastConnect 6700
  • ==WCD9395
  • ==WSA8840
  • ==WCN7880
  • ==WCD9370
  • ==Molokai
  • ==SXR2250P
  • ==WCD9385
  • ==Snapdragon 8 Elite Gen 5
  • ==QMP2001
  • ==SXR2230P
  • ==WCD9380
  • ==SC8380XP
  • ==WSA8850W
  • ==SD865 5G
  • ==Snapdragon XR2 5G Platform
  • ==SM8845P
  • ==Snapdragon AR1 Gen 1 Platform
  • ==WSA8815
  • ==WSA8810

Matching in nixpkgs

Untriaged
Permalink CVE-2025-59617
6.6 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): Required (R)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): High (H)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): Low (L)
created 1 week, 2 days ago Activity log
  • Created suggestion
Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.

Affected products

Snapdragon
  • ==WCN7881
  • ==WSA8832
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==WCD9378
  • ==Snapdragon 662 Mobile Platform
  • ==WSA8835
  • ==QCM5430
  • ==WSA8845
  • ==WCN3988
  • ==WCN7760
  • ==FastConnect 6900
  • ==WCD9375
  • ==WCN6450
  • ==WSA8830
  • ==Orne
  • ==QMP1000
  • ==WSA8850
  • ==FastConnect 7800
  • ==Pandeiro
  • ==WCN7861
  • ==WSA8855C
  • ==WSA8845H
  • ==WCN3950
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==QCM6490
  • ==SM6850
  • ==Snapdragon 460 Mobile Platform
  • ==WCN7860
  • ==FastConnect 6700
  • ==WCD9395
  • ==WSA8840
  • ==WCN7880
  • ==WCD9370
  • ==Molokai
  • ==SXR2250P
  • ==WCD9385
  • ==Snapdragon 8 Elite Gen 5
  • ==QMP2001
  • ==SXR2230P
  • ==WCD9380
  • ==SC8380XP
  • ==WSA8850W
  • ==SD865 5G
  • ==Snapdragon XR2 5G Platform
  • ==SM8845P
  • ==Snapdragon AR1 Gen 1 Platform
  • ==WSA8815
  • ==WSA8810

Matching in nixpkgs

Untriaged
Permalink CVE-2026-21383
7.1 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): None (N)
created 1 week, 2 days ago Activity log
  • Created suggestion
Reusing a Nonce, Key Pair in Encryption in HLOS

Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.

Affected products

Snapdragon
  • ==QAMSRV1H
  • ==QDU1210
  • ==QDX1011
  • ==FastConnect 7800
  • ==QCA6595AU
  • ==QCA6698AQ
  • ==WSA8835
  • ==SA8255P
  • ==FastConnect 6900
  • ==Pandeiro
  • ==WSA8830
  • ==QAM8397P
  • ==QCA8695AU
  • ==LeMans_AU_LGIT
  • ==QDU1000
  • ==Snapdragon AR1+ Gen 1 Platform
  • ==SAR1165P
  • ==WSA8832
  • ==QAMSRV1M
  • ==SRV1H
  • ==Qualcomm Dragonwing X100 Accelerator Card
  • ==QDU1110
  • ==QXM1093
  • ==SXR2230P
  • ==SAR2130P
  • ==XRV7209
  • ==SA9000P
  • ==WCN3950
  • ==WCN7861
  • ==QCA6797AQ
  • ==QXM1094
  • ==QPA1083BD
  • ==QDX1010
  • ==QAM8255P
  • ==QLN1086BD
  • ==QXM1095
  • ==WCN7860
  • ==SA8770P
  • ==Snapdragon AR1 Gen 1 Platform
  • ==WCD9385
  • ==SXR2250P
  • ==QCA6696
  • ==QXM1096
  • ==SA8620P
  • ==SRV1M
  • ==SA7775P
  • ==WCD9380
  • ==LeMansAU
  • ==QAM8797P
  • ==XRV9209
  • ==QPA1086BD
  • ==QLN1083BD
  • ==SA7255P

Matching in nixpkgs

Untriaged
Permalink CVE-2026-21384
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): Low (L)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): Low (L)
created 1 week, 2 days ago Activity log
  • Created suggestion
Out-of-bounds Write in Camera Driver

Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits.

Affected products

Snapdragon
  • ==QAMSRV1H
  • ==Snapdragon 7 Gen 1 Mobile Platform
  • ==WSA8845H
  • ==Snapdragon XR2 5G Platform
  • ==FastConnect 7800
  • ==SXR2350P
  • ==SC8380XP
  • ==Snapdragon 460 Mobile Platform
  • ==SXR2330P
  • ==QCM4490
  • ==WCN3950
  • ==QXM1094
  • ==SM7435
  • ==QCA6595
  • ==QAM8255P
  • ==WCN7860
  • ==SA8770P
  • ==Snapdragon AR1 Gen 1 Platform
  • ==SA8620P
  • ==XRV9209
  • ==Snapdragon 4 Gen 2 Mobile Platform
  • ==WSA8815
  • ==QCS4490
  • ==WSA8845
  • ==WCD9375
  • ==Pandeiro
  • ==WSA8830
  • ==Snapdragon 662 Mobile Platform
  • ==WSA8810
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==SD865 5G
  • ==QXM1095
  • ==QLN1086BD
  • ==WCN7881
  • ==Snapdragon 8 Elite
  • ==WCD9385
  • ==QXM1096
  • ==SRV1M
  • ==Snapdragon 6 Gen 3 Mobile Platform
  • ==WCD9380
  • ==QCM5430
  • ==QPA1086BD
  • ==QLN1083BD
  • ==Snapdragon 8 Gen 1 Mobile Platform
  • ==QCA6595AU
  • ==QCA6678AQ
  • ==WCN3988
  • ==WCN6755
  • ==LeMans_AU_LGIT
  • ==QCM6490
  • ==WSA8840
  • ==QAMSRV1M
  • ==QCS8550
  • ==QCA6698AU
  • ==SXR2230P
  • ==WCN7861
  • ==QPA1083BD
  • ==Snapdragon 6 Gen 1 Mobile Platform
  • ==SDR753
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==SA7775P
  • ==LeMansAU
  • ==FastConnect 6700
  • ==QCA6698AQ
  • ==WSA8835
  • ==SA8255P
  • ==FastConnect 6900
  • ==WSA8832
  • ==SRV1H
  • ==QXM1093
  • ==SAR2130P
  • ==SD 8 Gen1 5G
  • ==XRV7209
  • ==SA9000P
  • ==QCA6797AQ
  • ==WCD9370
  • ==Netrani
  • ==QCM8838
  • ==SA7255P

Matching in nixpkgs

Untriaged
Permalink CVE-2025-59615
6.6 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): Required (R)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): High (H)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): Low (L)
created 1 week, 2 days ago Activity log
  • Created suggestion
Use After Free in Computer Vision

Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization.

Affected products

Snapdragon
  • ==WSA8845H
  • ==WSA8845
  • ==Snapdragon XR2 5G Platform
  • ==FastConnect 7800
  • ==SXR2350P
  • ==Orne
  • ==SC8380XP
  • ==WSA8835
  • ==WCN3988
  • ==WCN6450
  • ==SM8845P
  • ==WSA8850
  • ==WCD9375
  • ==WCD9378
  • ==Snapdragon 8 Elite Gen 5
  • ==FastConnect 6900
  • ==Pandeiro
  • ==WCD9395
  • ==WSA8830
  • ==Snapdragon 662 Mobile Platform
  • ==Molokai
  • ==QCM6490
  • ==WSA8840
  • ==WSA8832
  • ==Snapdragon 460 Mobile Platform
  • ==QXM1093
  • ==QMP2001
  • ==SXR2230P
  • ==SXR2330P
  • ==WSA8810
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==WSA8855C
  • ==XRV7209
  • ==WCN3950
  • ==WCN7861
  • ==WCN7760
  • ==WSA8850W
  • ==QXM1094
  • ==SD865 5G
  • ==QXM1095
  • ==WCD9370
  • ==WCN7880
  • ==WCN7881
  • ==QLN1086BD
  • ==QMP1000
  • ==WCN7860
  • ==QPA1083BD
  • ==Snapdragon AR1 Gen 1 Platform
  • ==WCD9385
  • ==SM6850
  • ==SXR2250P
  • ==QXM1096
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==WCD9380
  • ==XRV9209
  • ==QCM5430
  • ==QPA1086BD
  • ==QLN1083BD
  • ==WSA8815
  • ==FastConnect 6700

Matching in nixpkgs

Untriaged
Permalink CVE-2026-21368
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): Low (L)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): Low (L)
created 1 week, 2 days ago Activity log
  • Created suggestion
Out-of-bounds Write in Camera Driver

Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks.

Affected products

Snapdragon
  • ==Snapdragon 7 Gen 1 Mobile Platform
  • ==QAMSRV1H
  • ==WSA8845H
  • ==Snapdragon XR2 5G Platform
  • ==SM7525
  • ==FastConnect 7800
  • ==SXR2350P
  • ==SC8380XP
  • ==WCD9378
  • ==Snapdragon 460 Mobile Platform
  • ==SXR2330P
  • ==QCM4490
  • ==WCN3950
  • ==QXM1094
  • ==SM7435
  • ==QAM8255P
  • ==QCA6595
  • ==WCN7860
  • ==SA8770P
  • ==Snapdragon AR1 Gen 1 Platform
  • ==SA8620P
  • ==XRV9209
  • ==Snapdragon 4 Gen 2 Mobile Platform
  • ==WSA8815
  • ==QCS4490
  • ==WSA8845
  • ==WCD9375
  • ==Pandeiro
  • ==IQ9 Series Platform
  • ==WSA8830
  • ==Snapdragon 662 Mobile Platform
  • ==WSA8810
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==SD865 5G
  • ==QXM1095
  • ==QLN1086BD
  • ==WCN7881
  • ==Snapdragon 8 Elite
  • ==WCD9385
  • ==QXM1096
  • ==SRV1M
  • ==Snapdragon 6 Gen 3 Mobile Platform
  • ==WCD9380
  • ==QPA1086BD
  • ==QLN1083BD
  • ==SM7550P
  • ==Snapdragon 8 Gen 1 Mobile Platform
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==QCA6595AU
  • ==QCA6678AQ
  • ==WCN3988
  • ==WCN6450
  • ==WCD9390
  • ==WCD9395
  • ==WCN6755
  • ==LeMans_AU_LGIT
  • ==WSA8840
  • ==QCS8550
  • ==QAMSRV1M
  • ==QCA6698AU
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==SXR2230P
  • ==WCN7861
  • ==X1E80100
  • ==WCD9371
  • ==QPA1083BD
  • ==Snapdragon 6 Gen 1 Mobile Platform
  • ==SDR753
  • ==WCN6650
  • ==SA7775P
  • ==SM8550P
  • ==LeMansAU
  • ==FastConnect 6700
  • ==QCA6698AQ
  • ==WSA8835
  • ==SM7550
  • ==SA8255P
  • ==FastConnect 6900
  • ==G3x Gen 2
  • ==WSA8832
  • ==SRV1H
  • ==QXM1093
  • ==SAR2130P
  • ==SD 8 Gen1 5G
  • ==XRV7209
  • ==SA9000P
  • ==QCA6797AQ
  • ==WCD9370
  • ==Netrani
  • ==QCM8838
  • ==SA7255P

Matching in nixpkgs

Untriaged
Permalink CVE-2026-21369
5.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): Low (L)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): Low (L)
created 1 week, 2 days ago Activity log
  • Created suggestion
Out-of-bounds Write in Camera Driver

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.

Affected products

Snapdragon
  • ==QAMSRV1H
  • ==WSA8845H
  • ==Snapdragon XR2 5G Platform
  • ==SM7525
  • ==FastConnect 7800
  • ==SXR2350P
  • ==SC8380XP
  • ==WCD9378
  • ==Kalpeni
  • ==WCN3910
  • ==Snapdragon 460 Mobile Platform
  • ==SXR2330P
  • ==SM6225P
  • ==QCM4490
  • ==WCN3950
  • ==QXM1094
  • ==SD662
  • ==QCA6595
  • ==QAM8255P
  • ==WCN7860
  • ==Snapdragon AR1 Gen 1 Platform
  • ==SA8770P
  • ==SA8620P
  • ==XRV9209
  • ==WSA8815
  • ==QCM2290
  • ==FastConnect 6200
  • ==QCS4490
  • ==WSA8845
  • ==Snapdragon Wear Elite platform
  • ==WCD9375
  • ==Pandeiro
  • ==IQ9 Series Platform
  • ==WSA8830
  • ==QCA8695AU
  • ==Snapdragon 662 Mobile Platform
  • ==Snapdragon 695 5G Mobile Platform
  • ==SA6155P
  • ==SA8195P
  • ==QCS4290
  • ==WSA8810
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==SD865 5G
  • ==QXM1095
  • ==G1 Gen 1
  • ==QLN1086BD
  • ==WCN7881
  • ==SA8155P
  • ==Snapdragon 8 Elite
  • ==WCD9385
  • ==QXM1096
  • ==SRV1M
  • ==Snapdragon 680 4G Mobile Platform
  • ==WCD9380
  • ==QCM5430
  • ==QPA1086BD
  • ==QLN1083BD
  • ==SM7550P
  • ==SA8295P
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==WCN3988
  • ==WCN6450
  • ==WCD9390
  • ==WCD9395
  • ==WCN6755
  • ==LeMans_AU_LGIT
  • ==QCM6490
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==Themisto
  • ==WSA8840
  • ==QAMSRV1M
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==SXR2230P
  • ==WCN7861
  • ==X1E80100
  • ==WCD9371
  • ==QPA1083BD
  • ==SDR753
  • ==QCS2290
  • ==QCA6696
  • ==WCN6650
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==SA7775P
  • ==SM8550P
  • ==LeMansAU
  • ==FastConnect 6700
  • ==QCA6698AQ
  • ==WSA8835
  • ==SM7550
  • ==SA8255P
  • ==FastConnect 6900
  • ==G3x Gen 2
  • ==QCA6574AU
  • ==WSA8832
  • ==SRV1H
  • ==QXM1093
  • ==QCM4325
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==SAR2130P
  • ==XRV7209
  • ==SA9000P
  • ==QCA6797AQ
  • ==QAM8295P
  • ==Snapdragon 685 4G Mobile Platform
  • ==WCD9370
  • ==Snapdragon 480 5G Mobile Platform
  • ==QCA6688AQ
  • ==QCM8838
  • ==SA7255P

Matching in nixpkgs

Untriaged
Permalink CVE-2026-21379
7.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 1 week, 2 days ago Activity log
  • Created suggestion
Buffer Over-read in Windows Compute

Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.

Affected products

Snapdragon
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==WSA8845H
  • ==FastConnect 6200
  • ==QCA0000
  • ==FastConnect 6800
  • ==WSA8845
  • ==FastConnect 7800
  • ==WCD9341
  • ==IQX7181
  • ==SC8380XP
  • ==WSA8835
  • ==WCD9375
  • ==FastConnect 6900
  • ==WSA8830
  • ==Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
  • ==Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
  • ==QCM6490
  • ==Snapdragon 8cx Compute Platform
  • ==WSA8840
  • ==Snapdragon 8c Compute Platform "Poipu Lite"
  • ==XG101002
  • ==WSA8810
  • ==X2000077
  • ==Snapdragon 8cx Gen 3 Compute Platform
  • ==X2000086
  • ==Cologne
  • ==XG101032
  • ==WCD9340
  • ==QCA6430
  • ==WCD9370
  • ==Snapdragon 8cx Compute Platform "Poipu Pro"
  • ==X2000092
  • ==WCD9378C
  • ==WCD9385
  • ==QCA6391
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==XG101039
  • ==WCD9380
  • ==X2000094
  • ==Snapdragon 8cx Gen 2 5G Compute Platform
  • ==QCM5430
  • ==X2000090
  • ==WSA8815
  • ==AQT1000
  • ==IQX5121
  • ==FastConnect 6700
  • ==QCA6420

Matching in nixpkgs