Qualcomm Camera Driver TOCTOU Race Condition Vulnerability Allowing Memory Corruption

Vulnerability

A time-of-check to time-of-use (TOCTOU) race condition vulnerability has been identified in the Qualcomm Camera Driver. It allows memory corruption when user-space alters a blob structure after the kernel has verified it. The issue arises from improper synchronization: user-space modifications can interfere with kernel-level processing of data that has already passed validation, potentially leading to arbitrary memory changes or corruption.
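The class of bug described above, as an added generic illustration in user-space C (not Qualcomm's driver code, and not taken from the bulletin): a length checked in shared memory and then fetched again, next to the hardened form that snapshots the blob once and validates only the private copy. The names `struct blob`, `parse_double_fetch`, `parse_snapshot`, `grow_len` and `DST_CAP` are hypothetical, and the concurrent writer is modelled by a deterministic callback.

```c
#include <stdio.h>
#include <string.h>

#define DST_CAP 16u  /* capacity of the kernel-side destination (constructed) */

/* Hypothetical blob in memory that user space can still write to. */
struct blob { unsigned int len; unsigned char data[64]; };

/* Deterministic stand-in for a concurrent user-space write that lands
 * between the check and the use. */
typedef void (*race_hook)(struct blob *shared);
static void grow_len(struct blob *shared) { shared->len = 4096; }

/* Flawed pattern: len is checked, then fetched again from shared memory.
 * Returns the length the copy would use (-1 if rejected); the copy itself
 * is left out so the demo stays memory-safe. */
static long parse_double_fetch(struct blob *shared, race_hook hook)
{
    if (shared->len > DST_CAP)          /* time of check: first fetch */
        return -1;
    if (hook) hook(shared);             /* race window */
    return (long)shared->len;           /* time of use: second, unchecked fetch */
}

/* Hardened pattern: fetch once into private memory (the analogue of a
 * single copy_from_user), then validate and use only that snapshot. */
static long parse_snapshot(struct blob *shared, race_hook hook, unsigned char *dst)
{
    struct blob local;
    memcpy(&local, shared, sizeof local);
    if (hook) hook(shared);             /* later writes cannot reach local */
    if (local.len > DST_CAP)
        return -1;
    memcpy(dst, local.data, local.len);
    return (long)local.len;
}

int main(void)
{
    unsigned char dst[DST_CAP];
    struct blob b = { .len = 8 };
    printf("double fetch uses len=%ld\n", parse_double_fetch(&b, grow_len));
    b.len = 8;
    printf("snapshot uses len=%ld\n", parse_snapshot(&b, grow_len, dst));
    return 0;
}
```

When reviewing driver code for this pattern, look for any field that is read from a user-mapped or user-supplied buffer more than once on the same code path, with a validation step between the reads.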

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to undefined behavior such as application crashes, memory leaks, or the execution of arbitrary code.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm May 2025 Security Bulletin.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 0.6
exploitability: 3.3
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.