Volerion logoVolerion
Volerion logoVolerion

Qualcomm WINBLAST-POWER Untrusted Pointer Dereference Vulnerability Allowing Memory Corruption

Vulnerability

A vulnerability exists in the Qualcomm WINBLAST-POWER firmware, where memory corruption can occur when a driver invokes an IOCTL with invalid input or output buffers. This flaw allows for untrusted pointer dereference, potentially leading to exploitation.

Impact

Exploitation of this vulnerability causes memory corruption, which can be leveraged to manipulate program execution or cause unintended behavior in the application or system.

Remediation

Qualcomm has released a patch for this vulnerability. Instructions for applying the patch can be found in the Qualcomm May 2026 Security Bulletin.

Added: May 4, 2026, 5:39 PM
Updated: May 4, 2026, 5:39 PM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
0.8
exploitability
3.3
remediation
0.0
relevance
7.4
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.