CVE-2026-21384

MEDIUM

Qualcomm, Snapdragon - Out-Of-Bounds Write in Camera Driver

Title source: rule
STIX 2.1

Description

Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits.

Scores

CVSS v3 5.3
EPSS 0.0006
EPSS Percentile 0.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (50)
qualcomm/fastconnect_6700_firmware
qualcomm/fastconnect_6900_firmware
qualcomm/fastconnect_7800_firmware
qualcomm/lemans_au_lgit_firmware
qualcomm/lemansau_firmware
qualcomm/netrani_firmware
qualcomm/pandeiro_firmware
qualcomm/qam8255p_firmware
qualcomm/qamsrv1h_firmware
qualcomm/qamsrv1m_firmware
... and 40 more
Published Jul 06, 2026
Tracked Since Jul 07, 2026