{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-21367/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.6,"id":"CVE-2026-21367"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["dos","qualcomm","cve-2026-21367"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-21367 is a vulnerability affecting Qualcomm products that results in a transient denial-of-service (DoS). The vulnerability stems from the processing of nonstandard Fine Timing Measurement (FTM) Initial Link Setup (FILS) Discovery Frames which contain out-of-range action sizes during the initial network scanning phase. This issue can be triggered remotely, potentially disrupting the availability of services provided by the affected Qualcomm devices. The vulnerability was disclosed in the Qualcomm security bulletin for April 2026. 
Successful exploitation leads to temporary service unavailability, impacting user experience and potentially network stability.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious FILS Discovery Frame with out-of-range action sizes.\u003c/li\u003e\n\u003cli\u003eThe attacker transmits the crafted FILS Discovery Frame to a Qualcomm device during its initial network scan.\u003c/li\u003e\n\u003cli\u003eThe Qualcomm device receives the malicious frame and attempts to process the out-of-range action size.\u003c/li\u003e\n\u003cli\u003eDue to improper bounds checking, the processing of the frame triggers a buffer over-read condition (CWE-126).\u003c/li\u003e\n\u003cli\u003eThe buffer over-read leads to a temporary system instability.\u003c/li\u003e\n\u003cli\u003eThe device experiences a transient denial-of-service condition.\u003c/li\u003e\n\u003cli\u003eThe affected service becomes temporarily unavailable to legitimate users.\u003c/li\u003e\n\u003cli\u003eAfter a short period, the device recovers, and the service resumes normal operation.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-21367 leads to a transient denial-of-service condition on affected Qualcomm devices. The specific impact depends on the role of the device. This vulnerability has a CVSS v3.1 score of 7.6, indicating a high severity. 
While the DoS is transient, repeated exploitation could create a prolonged disruption, hindering user access and potentially affecting critical device functionalities.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor network traffic for malformed FILS Discovery Frames, specifically those with unusually large action sizes, using network monitoring tools (network_connection log source).\u003c/li\u003e\n\u003cli\u003eApply the patches or updates provided by Qualcomm as detailed in the April 2026 security bulletin to remediate CVE-2026-21367 (reference: \u003ca href=\"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html\"\u003ehttps://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eImplement rate limiting on FILS Discovery Frame processing to mitigate the impact of malicious frames (network_connection log source).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-06T16:16:29Z","date_published":"2026-04-06T16:16:29Z","id":"/briefs/2026-04-qualcomm-dos/","summary":"CVE-2026-21367 describes a transient denial-of-service vulnerability in Qualcomm products that occurs when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans, potentially leading to service disruption.","title":"Qualcomm Transient Denial-of-Service via FILS Discovery Frames (CVE-2026-21367)","url":"https://feed.craftedsignal.io/briefs/2026-04-qualcomm-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-21367","version":"https://jsonfeed.org/version/1.1"}