Primary

Context

Qualcomm Camera Buffer Over-Read Vulnerability in IOCTL Processing

Vulnerability

A memory corruption vulnerability has been identified in Qualcomm camera drivers across various chipsets. This issue arises from accessing an output buffer without proper size validation during IOCTL processing, leading to a buffer over-read condition. The vulnerability is present in multiple chipsets, including those used in Snapdragon mobile platforms and other Qualcomm technologies.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to undefined behavior in the application, including potential arbitrary code execution or causing a device to become unresponsive.

Remediation

Qualcomm has notified device manufacturers about this vulnerability and recommended that they deploy patches. Instructions for applying the patch can be found in the Qualcomm April 2026 Security Bulletin.

Added: Apr 6, 2026, 5:09 PM

Updated: Apr 6, 2026, 5:09 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.2

exploitability

3.3

remediation

0.0

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.2

exploitability

3.3

remediation

0.0

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Camera Buffer Over-Read Vulnerability in IOCTL Processing

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating