Linux Kernel Integer Overflow Vulnerability in QAIC Driver

Vulnerability

An integer overflow vulnerability has been addressed in the Linux kernel's QAIC (Qualcomm AI Chip) driver. The driver did not properly validate transfer sizes in its DMA (Direct Memory Access) management code, so a byte count could be calculated as a negative value and potentially allow incorrect memory operations. The vulnerability was present in the 'accel/qaic' component of the Linux kernel.
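The bug class described above, as an added userspace illustration; it is not code from the qaic driver or from the kernel fix. The struct, field and function names are hypothetical and the sample values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical request layout for illustration; not the qaic driver's structures. */
struct xfer_req {
    uint64_t total_size;   /* bytes the caller asked to transfer */
    uint64_t transferred;  /* bytes already moved in earlier chunks */
};

/* Unvalidated pattern: the difference is taken without checking that
 * transferred <= total_size, so the signed result goes negative. A negative
 * count later converted to size_t becomes a very large length. */
static int64_t remaining_unchecked(const struct xfer_req *r)
{
    return (int64_t)(r->total_size - r->transferred);
}

/* Validated pattern: reject inconsistent sizes before any arithmetic, then
 * cap the chunk at a mapping limit. Returns false on bad input. */
static bool remaining_checked(const struct xfer_req *r, uint64_t max_chunk,
                              uint64_t *out)
{
    /* Empty request, no bytes left, or recorded progress exceeds the size. */
    if (r->total_size == 0 || r->transferred >= r->total_size)
        return false;

    uint64_t left = r->total_size - r->transferred; /* cannot wrap after the check */
    *out = left < max_chunk ? left : max_chunk;
    return true;
}

int main(void)
{
    /* Constructed input: recorded progress is larger than the request size. */
    struct xfer_req bad = { .total_size = 4096, .transferred = 8192 };
    uint64_t n = 0;

    printf("unchecked remaining: %lld\n", (long long)remaining_unchecked(&bad));
    printf("checked accepted:    %d\n", remaining_checked(&bad, 1u << 20, &n));
    return 0;
}
```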

Impact

The vulnerability could lead to memory corruption: negative byte calculations in DMA transfers could cause the system to mismanage memory operations.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: Dec 9, 2025, 2:06 AM
Updated: Dec 9, 2025, 2:06 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 1.4
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.