{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/qualcomm-inc./","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-24082"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-24082","use-after-free","memory corruption","qualcomm"],"_cs_type":"advisory","_cs_vendors":["Qualcomm, Inc."],"content_html":"\u003cp\u003eCVE-2026-24082 is a memory corruption vulnerability reported by Qualcomm, stemming from a use-after-free condition. The vulnerability occurs during the execution of a performance counter deselect operation, specifically when copying data from a memory location that has already been freed. Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code with elevated privileges. The vulnerability was published on May 4, 2026, and assigned a CVSS v3.1 base score of 7.8. This poses a significant risk to devices and systems incorporating vulnerable Qualcomm components, potentially leading to device instability, data compromise, or complete system takeover.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eA malicious application or process gains initial access to the system through a separate vulnerability or social engineering.\u003c/li\u003e\n\u003cli\u003eThe malicious application triggers the performance counter functionality.\u003c/li\u003e\n\u003cli\u003eThe application initiates a deselect operation on a specific performance counter.\u003c/li\u003e\n\u003cli\u003eDuring the deselect operation, the system attempts to copy data from a memory location associated with the performance counter.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability, the memory location has already been freed.\u003c/li\u003e\n\u003cli\u003eThe copy operation attempts to read from the freed memory, resulting in a use-after-free condition.\u003c/li\u003e\n\u003cli\u003eThis can lead to memory corruption, where arbitrary data is written to the freed memory region.\u003c/li\u003e\n\u003cli\u003eThe memory corruption can be leveraged by the attacker to execute arbitrary code with the privileges of the affected process.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-24082 can lead to memory corruption and arbitrary code execution. This could allow a local attacker to gain elevated privileges on the system, potentially leading to data theft, system compromise, or denial of service. The vulnerability affects devices and systems utilizing vulnerable Qualcomm components. The exact number of affected devices is not specified, but the potential impact is significant given Qualcomm\u0026rsquo;s widespread presence in mobile, IoT, and automotive industries.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor for unusual activity related to performance counter operations, specifically process creation events associated with performance monitoring tools using the Sigma rule \u003ccode\u003eDetectSuspiciousPerformanceCounterDeselect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eInvestigate any instances of memory corruption or use-after-free errors, especially those occurring in Qualcomm-related processes, as indicated by system logs.\u003c/li\u003e\n\u003cli\u003eConsult the Qualcomm security bulletin for affected product lists and recommended mitigations at the provided URL.\u003c/li\u003e\n\u003cli\u003eEnable process creation logging to capture events necessary for the \u003ccode\u003eDetectSuspiciousPerformanceCounterDeselect\u003c/code\u003e rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-26T12:00:00Z","date_published":"2024-01-26T12:00:00Z","id":"/briefs/2024-01-qualcomm-cve-2026-24082/","summary":"CVE-2026-24082 is a use-after-free vulnerability in Qualcomm products that occurs when copying data from a freed source during a performance counter deselect operation, potentially leading to memory corruption and arbitrary code execution.","title":"Qualcomm Memory Corruption Vulnerability in Performance Counter Deselect Operation (CVE-2026-24082)","url":"https://feed.craftedsignal.io/briefs/2024-01-qualcomm-cve-2026-24082/"}],"language":"en","title":"CraftedSignal Threat Feed — Qualcomm, Inc.","version":"https://jsonfeed.org/version/1.1"}