Qualcomm

CVE-2025-47407 describes a memory corruption vulnerability affecting the digital signal processor due to allocation failure at the kernel level, potentially leading to arbitrary code execution with elevated privileges on affected systems.

CVE-2026-21382 is a memory corruption vulnerability related to handling power management requests with improperly sized input/output buffers, potentially leading to code execution.

CVE-2026-21374 describes a memory corruption vulnerability due to insufficient buffer size validation when processing auxiliary sensor input/output control commands, potentially allowing a local attacker to execute arbitrary code with elevated privileges.

CVE-2026-21375 is a memory corruption vulnerability in Qualcomm chipsets due to insufficient output buffer size validation during IOCTL processing, potentially leading to arbitrary code execution.

A memory corruption vulnerability exists in Qualcomm camera sensor drivers due to insufficient output buffer size validation during IOCTL processing, potentially leading to arbitrary code execution.

CVE-2026-21367 describes a transient denial-of-service vulnerability in Qualcomm products that occurs when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans, potentially leading to service disruption.

CVE-2026-21371 is a memory corruption vulnerability due to insufficient size validation when retrieving an output buffer, potentially leading to information disclosure or arbitrary code execution on affected Qualcomm devices.

CVE-2025-47391 is a memory corruption vulnerability due to a stack-based buffer overflow (CWE-121) while processing a frame request, as detailed in the Qualcomm security bulletin for April 2026, potentially leading to arbitrary code execution.

A memory corruption vulnerability (CVE-2025-47390) exists while preprocessing IOCTL requests in the JPEG driver, potentially leading to local privilege escalation or denial of service.

CVE-2026-24082 is a use-after-free vulnerability in Qualcomm products that occurs when copying data from a freed source during a performance counter deselect operation, potentially leading to memory corruption and arbitrary code execution.

CVE-2025-47405 is a memory corruption vulnerability in Qualcomm products related to processing camera sensor input/output control codes with invalid output buffers, potentially leading to arbitrary code execution.