Primary

Context

Qualcomm Automotive Linux OS Improper Validation of Array Index Vulnerability

Vulnerability

A memory corruption vulnerability has been identified in the kernel driver of Qualcomm's Automotive Linux OS. This issue arises from improper validation of array indices, leading to memory corruption when accessing resources within the kernel driver.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to undefined behavior in the kernel, potentially allowing for arbitrary code execution or causing a denial-of-service condition.

Remediation

Qualcomm has notified customers about this vulnerability and is actively sharing patches with device manufacturers. Instructions for applying the patch can be found in the January 2026 Qualcomm Security Bulletin.

Added: Jan 7, 2026, 12:48 PM

Updated: Jan 7, 2026, 12:48 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Automotive Linux OS Improper Validation of Array Index Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating