CVE-2026-21372
Received
Received - Intake
Memory Corruption via IOCTL Buffer Overflow in Qualcomm Drivers
Publication date: 2026-04-06
Last updated on: 2026-04-08
Assigner: Qualcomm, Inc.
Description
Description
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | cologne_firmware | * |
| qualcomm | fastconnect_6700_firmware | * |
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | qcm5430_firmware | * |
| qualcomm | qcm6490_firmware | * |
| qualcomm | video_collaboration_vc3_platform_firmware | * |
| qualcomm | snapdragon_460_mobile_platform_firmware | * |
| qualcomm | snapdragon_662_mobile_platform_firmware | * |
| qualcomm | snapdragon_7c+_gen_3_compute_firmware | * |
| qualcomm | wcd9370_firmware | * |
| qualcomm | wcd9375_firmware | * |
| qualcomm | wcd9378c_firmware | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcn3950_firmware | * |
| qualcomm | wcn3988_firmware | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | x2000077_firmware | * |
| qualcomm | x2000086_firmware | * |
| qualcomm | x2000090_firmware | * |
| qualcomm | x2000092_firmware | * |
| qualcomm | x2000094_firmware | * |
| qualcomm | xg101002_firmware | * |
| qualcomm | xg101032_firmware | * |
| qualcomm | xg101039_firmware | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
