Primary

Context

Qualcomm DSP Service Memory Corruption Vulnerability Allowing Process Creation Issues

Vulnerability

A memory corruption vulnerability has been identified in the Digital Signal Processor (DSP) service of Qualcomm chipsets. This issue arises during process creation, where an allocation failure at the kernel level leads to improper memory management. The vulnerability is categorized as a Time-of-check Time-of-use (TOCTOU) race condition, allowing for potential exploitation under certain conditions.

Impact

Exploitation of this vulnerability causes memory corruption, which can disrupt normal process execution on the affected DSP.

Remediation

Qualcomm has patched this vulnerability. Instructions for applying the patch can be found in the Qualcomm May 2026 Security Bulletin.

Added: May 4, 2026, 5:39 PM

Updated: May 4, 2026, 5:39 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.0

exploitability

2.9

remediation

0.0

relevance

7.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.0

exploitability

2.9

remediation

0.0

relevance

7.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm DSP Service Memory Corruption Vulnerability Allowing Process Creation Issues

Vulnerability

Impact

Remediation

Affected Products

Qualcomm DSP Service

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating