Primary

Context

Qualcomm Chipsets Use-After-Free Vulnerability in Automotive Audio

Vulnerability

A use-after-free vulnerability has been identified in various chipsets by Qualcomm, specifically within the automotive audio component. This vulnerability leads to memory corruption by allowing access to a buffer after it has been freed, particularly when concurrent operations on shared buffers are not properly synchronized. The issue arises during the processing of Input/Output Control (IOCTL) calls, creating a risk of memory corruption that could be exploited under certain conditions.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to undefined behavior such as arbitrary code execution or causing a denial-of-service condition by crashing the application or system.

Remediation

Qualcomm has released patches for this vulnerability. Instructions for applying the patch can be found in the Qualcomm March 2026 Security Bulletin.

Added: Mar 2, 2026, 6:36 PM

Updated: Mar 2, 2026, 10:24 PM

Affected Products

Qualcomm AR8035

Moderate fix1 remedy

cpe:2.3:h:qualcomm:ar8035:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

>= 12.1X46, < 12.1X46-D81

Qualcomm C-V2X 9150

Moderate fix1 remedy

cpe:2.3:h:qualcomm:c-v2x_9150:*:*:*:*:*:*:*, +3 more

Moderate fix1 remedy

Qualcomm CSRA6620

Moderate fix1 remedy

cpe:2.3:h:qualcomm:csra6620:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm CSRA6640

Moderate fix1 remedy

cpe:2.3:h:qualcomm:csra6640:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm FastConnect 6200

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6200:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm FastConnect 6700

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6700:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm FastConnect 6800

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6800:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm FastConnect 6900

Moderate fix1 remedy

cpe:2.3:h:qualcomm:fastconnect_6900:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

Qualcomm FastConnect 7800

0 remedies

cpe:2.3:h:qualcomm:fastconnect_7800:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Flight RB5 5G Platform

0 remedies

cpe:2.3:h:qualcomm:flight_rb5_5g:*:*:*:*:*:*:*, +3 more

0 remedies

Qualcomm FWA Gen 3 Ultra Platform

0 remedies

Qualcomm G1 Gen 1

0 remedies

Qualcomm Snapdragon 4 Gen 1 Mobile Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile:*:*:*:*:*:*:*, +3 more

0 remedies

Qualcomm Snapdragon 4 Gen 2 Mobile Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_4_gen_2_mobile:*:*:*:*:*:*:*, +3 more

0 remedies

Qualcomm Snapdragon 6 Gen 1 Mobile Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_6_gen_1_mobile_platform:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon 6 Gen 4 Mobile Platform

0 remedies

Qualcomm Snapdragon 8 Gen 1 Mobile Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon 8 Gen 2 Mobile Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile_platform:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon 8 Gen 3 Mobile Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile_platform:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon 8+ Gen 1 Mobile Platform

0 remedies

cpe:2.3:o:qualcomm:snapdragon_8+_gen_1_mobile_platform_firmware:*:*:*:*:*:*:*

0 remedies

Qualcomm Snapdragon 8+ Gen 2 Mobile Platform

0 remedies

cpe:2.3:o:qualcomm:snapdragon_8+_gen_2_mobile_platform_firmware:*:*:*:*:*:*:*

0 remedies

Qualcomm Snapdragon AR1 Gen 1 Platform

0 remedies

cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon Auto 5G Modem-RF Gen 2

0 remedies

cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon X32 5G Modem-RF System

0 remedies

Qualcomm Snapdragon X72 5G Modem-RF System

0 remedies

cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf_system:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm Snapdragon X75 5G Modem-RF System

0 remedies

cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf_system:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm SRV1H

0 remedies

cpe:2.3:h:qualcomm:srv1h:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm SRV1L

0 remedies

cpe:2.3:h:qualcomm:srv1l:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm SRV1M

0 remedies

cpe:2.3:h:qualcomm:srv1m:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm SW5100

0 remedies

cpe:2.3:h:qualcomm:sw5100:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm SW6100

0 remedies

Qualcomm SW6100P

0 remedies

Qualcomm WCD9340

0 remedies

cpe:2.3:h:qualcomm:wcd9340:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9370

0 remedies

cpe:2.3:h:qualcomm:wcd9370:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9371

0 remedies

cpe:2.3:h:qualcomm:wcd9371:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9375

0 remedies

cpe:2.3:h:qualcomm:wcd9375:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9378C

0 remedies

cpe:2.3:h:qualcomm:wcd9378:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9380

0 remedies

cpe:2.3:h:qualcomm:wcd9380:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9385

0 remedies

cpe:2.3:h:qualcomm:wcd9385:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9390

0 remedies

cpe:2.3:h:qualcomm:wcd9390:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCD9395

0 remedies

cpe:2.3:h:qualcomm:wcd9395:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN3910

0 remedies

cpe:2.3:h:qualcomm:wcn3910:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN3950

0 remedies

cpe:2.3:h:qualcomm:wcn3950:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN3988

0 remedies

cpe:2.3:h:qualcomm:wcn3988:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN6450

0 remedies

cpe:2.3:h:qualcomm:wcn6450:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN6650

0 remedies

cpe:2.3:h:qualcomm:wcn6650:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN6755

0 remedies

cpe:2.3:h:qualcomm:wcn6755:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN7860

0 remedies

cpe:2.3:h:qualcomm:wcn7860:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN7861

0 remedies

cpe:2.3:h:qualcomm:wcn7861:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN7880

0 remedies

cpe:2.3:h:qualcomm:wcn7880:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WCN7881

0 remedies

cpe:2.3:h:qualcomm:wcn7881:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8810

0 remedies

cpe:2.3:h:qualcomm:wsa8810:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8815

0 remedies

cpe:2.3:h:qualcomm:wsa8815:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8830

0 remedies

cpe:2.3:h:qualcomm:wsa8830:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8832

0 remedies

cpe:2.3:h:qualcomm:wsa8832:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8835

0 remedies

cpe:2.3:h:qualcomm:wsa8835:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8840

0 remedies

cpe:2.3:h:qualcomm:wsa8840:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8845

0 remedies

cpe:2.3:h:qualcomm:wsa8845:*:*:*:*:*:*:*, +1 more

0 remedies

Qualcomm WSA8845H

0 remedies

cpe:2.3:h:qualcomm:wsa8845h:*:*:*:*:*:*:*, +1 more

0 remedies

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.9

exploitability

2.9

remediation

7.7

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.9

exploitability

2.9

remediation

7.7

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.