Primary

Context

Qualcomm Automotive Products Memory Corruption Vulnerability Allowing Performance Counter Manipulation

Vulnerability

A use-after-free vulnerability has been identified in various chipsets used in Qualcomm automotive products. This vulnerability leads to memory corruption by copying data from a freed source while performing a performance counter deselect operation. The issue has been reported internally and is classified as high severity, with a CVSS score of 7.8.

Impact

Exploitation of this vulnerability causes memory corruption, which can lead to arbitrary code execution or the introduction of other vulnerabilities, such as a denial-of-service condition.

Remediation

Qualcomm has released a patch for this vulnerability, which is available through the Qualcomm Update Catalog. Instructions for applying the patch can be obtained by contacting the device manufacturer.

Added: May 5, 2026, 12:12 PM

Updated: May 5, 2026, 12:12 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

7.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

7.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualcomm Automotive Products Memory Corruption Vulnerability Allowing Performance Counter Manipulation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating