CVE-2026-24082
Awaiting Analysis
Awaiting Analysis - Queue
Memory Corruption in Qualcomm Performance Counter
Publication date: 2026-05-04
Last updated on: 2026-05-06
Assigner: Qualcomm, Inc.
Description
Description
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | qxm1096_firmware | * |
| qualcomm | robotics_rb2_firmware | * |
| qualcomm | robotics_rb5_firmware | * |
| qualcomm | sa4150p_firmware | * |
| qualcomm | sa4155p_firmware | * |
| qualcomm | sa6145p_firmware | * |
| qualcomm | sa6150p_firmware | * |
| qualcomm | sa6155p_firmware | * |
| qualcomm | sa7255p_firmware | * |
| qualcomm | sa7775p_firmware | * |
| qualcomm | sa8145p_firmware | * |
| qualcomm | sa8150p_firmware | * |
| qualcomm | sa8155p_firmware | * |
| qualcomm | sa8195p_firmware | * |
| qualcomm | sa8255p_firmware | * |
| qualcomm | sa8295p_firmware | * |
| qualcomm | sa8620p_firmware | * |
| qualcomm | sa8770p_firmware | * |
| qualcomm | sa9000p_firmware | * |
| qualcomm | sar1165p_firmware | * |
| qualcomm | sd662_firmware | * |
| qualcomm | sm6225p_firmware | * |
| qualcomm | sm6650p_firmware | * |
| qualcomm | sm7525_firmware | * |
| qualcomm | sm7550_firmware | * |
| qualcomm | sm7550p_firmware | * |
| qualcomm | sm7635p_firmware | * |
| qualcomm | sm7675_firmware | * |
| qualcomm | sm7675p_firmware | * |
| qualcomm | sm8550p_firmware | * |
| qualcomm | sm8635_firmware | * |
| qualcomm | sm8635p_firmware | * |
| qualcomm | sm8650q_firmware | * |
| qualcomm | smart_audio_400_firmware | * |
| qualcomm | snapdragon_4_gen_1_mobile_firmware | * |
| qualcomm | snapdragon_460_mobile_firmware | * |
| qualcomm | snapdragon_480_5g_mobile_firmware | * |
| qualcomm | snapdragon_480+_5g_mobile_firmware | * |
| qualcomm | snapdragon_6_gen_4_mobile_firmware | * |
| qualcomm | snapdragon_662_mobile_firmware | * |
| qualcomm | ar8031_firmware | * |
| qualcomm | ar8035_firmware | * |
| qualcomm | csra6620_firmware | * |
| qualcomm | csra6640_firmware | * |
| qualcomm | fastconnect_6200_firmware | * |
| qualcomm | fastconnect_6700_firmware | * |
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | flight_rb5_5g_firmware | * |
| qualcomm | fwa_gen_3_ultra_firmware | * |
| qualcomm | g1_gen_1_firmware | * |
| qualcomm | g3x_gen_2_firmware | * |
| qualcomm | kalpeni_firmware | * |
| qualcomm | lemans_au_lgit_firmware | * |
| qualcomm | lemansau_firmware | * |
| qualcomm | mdm9250_firmware | * |
| qualcomm | mdm9628_firmware | * |
| qualcomm | milos_firmware | * |
| qualcomm | milos_iot_firmware | * |
| qualcomm | pandeiro_firmware | * |
| qualcomm | qam8255p_firmware | * |
| qualcomm | qam8295p_firmware | * |
| qualcomm | qamsrv1h_firmware | * |
| qualcomm | qamsrv1m_firmware | * |
| qualcomm | qca2066_firmware | * |
| qualcomm | qca6174a_firmware | * |
| qualcomm | qca6391_firmware | * |
| qualcomm | qca6564a_firmware | * |
| qualcomm | qca6564au_firmware | * |
| qualcomm | qca6574_firmware | * |
| qualcomm | qca6574a_firmware | * |
| qualcomm | qca6574au_firmware | * |
| qualcomm | qca6584au_firmware | * |
| qualcomm | qca6595_firmware | * |
| qualcomm | qca6595au_firmware | * |
| qualcomm | qca6678aq_firmware | * |
| qualcomm | qca6688aq_firmware | * |
| qualcomm | qca6696_firmware | * |
| qualcomm | qca6698aq_firmware | * |
| qualcomm | qca6698au_firmware | * |
| qualcomm | qca6797aq_firmware | * |
| qualcomm | qca8081_firmware | * |
| qualcomm | qca8337_firmware | * |
| qualcomm | qca8695au_firmware | * |
| qualcomm | qca9367_firmware | * |
| qualcomm | wcn7881_firmware | * |
| qualcomm | wsa8810_firmware | * |
| qualcomm | wsa8815_firmware | * |
| qualcomm | wsa8830_firmware | * |
| qualcomm | wsa8832_firmware | * |
| qualcomm | wsa8835_firmware | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | xrv7209_firmware | * |
| qualcomm | xrv9209_firmware | * |
| qualcomm | qca9377_firmware | * |
| qualcomm | qcc710_firmware | * |
| qualcomm | qcm2290_firmware | * |
| qualcomm | qcm4325_firmware | * |
| qualcomm | qcm5430_firmware | * |
| qualcomm | qcm6125_firmware | * |
| qualcomm | qcm6490_firmware | * |
| qualcomm | qcn6224_firmware | * |
| qualcomm | qcn6274_firmware | * |
| qualcomm | qcn9011_firmware | * |
| qualcomm | qcn9012_firmware | * |
| qualcomm | qcs2290_firmware | * |
| qualcomm | qcs4290_firmware | * |
| qualcomm | qcs6690_firmware | * |
| qualcomm | qcs8550_firmware | * |
| qualcomm | qdu1000_firmware | * |
| qualcomm | qdu1110_firmware | * |
| qualcomm | qdu1210_firmware | * |
| qualcomm | qdx1010_firmware | * |
| qualcomm | qdx1011_firmware | * |
| qualcomm | qep8111_firmware | * |
| qualcomm | qfw7114_firmware | * |
| qualcomm | qfw7124_firmware | * |
| qualcomm | qln1083bd_firmware | * |
| qualcomm | qln1086bd_firmware | * |
| qualcomm | qpa1083bd_firmware | * |
| qualcomm | qpa1086bd_firmware | * |
| qualcomm | qrb5165m_firmware | * |
| qualcomm | qrb5165n_firmware | * |
| qualcomm | qru1032_firmware | * |
| qualcomm | dragonwing_qru100__firmware | * |
| qualcomm | dragonwing_x100_accelerator_card_firmware | * |
| qualcomm | video_collaboration_vc1__firmware | * |
| qualcomm | video_collaboration_vc3__firmware | * |
| qualcomm | video_collaboration_vc5__firmware | * |
| qualcomm | qxm1083_firmware | * |
| qualcomm | qxm1086_firmware | * |
| qualcomm | qxm1093_firmware | * |
| qualcomm | qxm1094_firmware | * |
| qualcomm | qxm1095_firmware | * |
| qualcomm | snapdragon_680_4g_mobile_firmware | * |
| qualcomm | snapdragon_685_4g_mobile_firmware | * |
| qualcomm | snapdragon_695_5g_mobile_firmware | * |
| qualcomm | snapdragon_7s_gen_3_mobile_firmware | * |
| qualcomm | snapdragon_8_gen_2_mobile_firmware | * |
| qualcomm | snapdragon_8_gen_3_mobile_firmware | * |
| qualcomm | snapdragon_8+_gen_2_mobile_firmware | * |
| qualcomm | snapdragon_ar1_gen_1_firmware | * |
| qualcomm | snapdragon_ar1+_gen_1_firmware | * |
| qualcomm | snapdragon_auto_5g_modem-rf_firmware | * |
| qualcomm | snapdragon_auto_5g_modem-rf_gen_2_firmware | * |
| qualcomm | snapdragon_x32_5g_modem-rf_firmware | * |
| qualcomm | snapdragon_x35_5g_modem-rf_firmware | * |
| qualcomm | snapdragon_x72_5g_modem-rf_firmware | * |
| qualcomm | snapdragon_x75_5g_modem-rf_firmware | * |
| qualcomm | srv1h_firmware | * |
| qualcomm | srv1m_firmware | * |
| qualcomm | sw5100_firmware | * |
| qualcomm | sw5100p_firmware | * |
| qualcomm | sxr2330p_firmware | * |
| qualcomm | sxr2350p_firmware | * |
| qualcomm | wcd9335_firmware | * |
| qualcomm | wcd9340_firmware | * |
| qualcomm | wcd9370_firmware | * |
| qualcomm | wcd9371_firmware | * |
| qualcomm | wcd9375_firmware | * |
| qualcomm | wcd9378_firmware | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcd9390_firmware | * |
| qualcomm | wcd9395_firmware | * |
| qualcomm | wcn3910_firmware | * |
| qualcomm | wcn3950_firmware | * |
| qualcomm | wcn3980_firmware | * |
| qualcomm | wcn3988_firmware | * |
| qualcomm | wcn6450_firmware | * |
| qualcomm | wcn6650_firmware | * |
| qualcomm | wcn6755_firmware | * |
| qualcomm | wcn7860_firmware | * |
| qualcomm | wcn7861_firmware | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
