Primary

Context

Qualcomm GPS Buffer Over-read Vulnerability Allowing Memory Corruption

Vulnerability

A memory corruption vulnerability has been identified in various chipsets of Qualcomm GPS technology. This issue arises when the system decodes corrupted satellite data files that contain invalid signature offsets, leading to improper memory handling. The vulnerability is categorized as a buffer over-read, where the system reads more data than intended, potentially allowing for exploitation.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to arbitrary code execution or other unintended behavior by manipulating the application's memory.

Remediation

Qualcomm has notified device manufacturers about this vulnerability and is actively sharing patches. For information on the patching status, contact the device manufacturer.

Added: Apr 6, 2026, 5:00 PM

Updated: Apr 6, 2026, 5:00 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

5.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

5.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm GPS Buffer Over-read Vulnerability Allowing Memory Corruption

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating