Skip to main content

Qualcomm Snapdragon CVE-2026-21369

| EUVDEUVD-2026-41927 MEDIUM
Out-of-bounds Write (CWE-787)
2026-07-06 qualcomm GHSA-m3mv-mgjg-xqg6
5.3
CVSS 3.1 · Vendor: qualcomm
Share

Severity by source

Vendor (qualcomm) PRIMARY
5.3 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
vuln.today AI
5.3 MEDIUM

Race condition requires local low-privilege access; scope change captures potential kernel memory corruption propagating beyond the vulnerable flash driver.

3.1 AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
4.0 AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Primary rating from Vendor (qualcomm).

CVSS VectorVendor: qualcomm

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jul 06, 2026 - 21:31 vuln.today

DescriptionCVE.org

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.

AnalysisAI

Out-of-bounds write in Qualcomm Snapdragon's flash command handler allows a local low-privileged attacker to corrupt memory by exploiting a race condition between userspace LED count modifications and kernel-side flash command processing. The CVSS scope change (S:C) indicates the corruption can reach components beyond the immediately vulnerable driver - raising the potential for privilege escalation on affected Snapdragon-based devices. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain low-privilege local shell access
Delivery
Access flash LED command interface
Exploit
Concurrently modify userspace LED count
Execution
Win race before driver validates value
Persist
Trigger out-of-bounds write in flash handler
Impact
Corrupt cross-component kernel memory

Vulnerability AssessmentAI

Exploitation Exploitation requires a local, low-privilege process (PR:L, AV:L) - remote unauthenticated exploitation is ruled out by the local attack vector. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 5.3 Medium score reflects meaningful but constrained risk: the local attack vector (AV:L) eliminates remote exploitation, low privileges (PR:L) represent a realistic attacker foothold on developer-mode or compromised Android devices, and high attack complexity (AC:H) indicates a race condition timing dependency that reduces reliable exploitation. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local attacker with a low-privilege shell on a Snapdragon-based Android device opens the flash LED command interface and issues a flash command while a concurrent thread modifies the userspace LED count value, winning the race to substitute an out-of-range count before the driver re-reads it. The out-of-bounds write corrupts kernel memory in an adjacent component - potentially overwriting function pointers or security-sensitive structures - enabling privilege escalation. …
Remediation Apply patches provided through the Qualcomm July 2026 Security Bulletin (https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html); exact patched firmware or driver version numbers are not independently confirmed from the available data - consult the bulletin directly and follow up with the device OEM for platform-specific software updates. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-25293 CRITICAL
9.6 May 04

Buffer overflow in Qualcomm Snapdragon firmware enables authentication bypass on adjacent networks, allowing remote unau

CVE-2026-25268 HIGH
8.8 Jul 06

Local privilege escalation and memory corruption in Qualcomm Snapdragon WLAN firmware occurs when the driver parses malf

CVE-2026-25277 HIGH
8.8 Jun 01

Memory corruption in Qualcomm Snapdragon Strongbox component allows local low-privileged attackers to trigger a buffer o

CVE-2026-25276 HIGH
8.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon chipsets stems from an out-of-bounds memory access in the Strongbox tr

CVE-2025-47392 HIGH
8.8 Apr 06

Memory corruption in Qualcomm Snapdragon chipsets allows adjacent network attackers to achieve arbitrary code execution

CVE-2026-24088 HIGH
8.2 Jun 01

Bootloader integrity bypass in Qualcomm Snapdragon platforms allows a high-privileged local attacker to write to a speci

CVE-2026-21379 HIGH
7.8 Jul 06

Local privilege escalation via memory corruption affects Qualcomm Snapdragon platforms, where allocating memory with siz

CVE-2025-59616 HIGH
7.8 Jul 06

Use-after-free memory corruption in Qualcomm Snapdragon platform driver code allows a local low-privileged process to tr

CVE-2025-59615 HIGH
7.8 Jul 06

Local privilege escalation via memory corruption affects a broad range of Qualcomm Snapdragon chipsets, where a use-afte

CVE-2026-25259 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms is possible through memory corruption when processing multip

CVE-2026-25258 HIGH
7.8 Jun 01

Local privilege escalation in Qualcomm Snapdragon platforms stems from an out-of-bounds read (CWE-125) triggered during

CVE-2025-59606 HIGH
7.8 Jun 01

Local privilege escalation and memory corruption in Qualcomm Snapdragon platforms allows an attacker with low-privileged

Share

CVE-2026-21369 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy