7.8

CVE-2026-25271

Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommCologne Firmware Version-
   QualcommCologne Version-
QualcommIqx5121 Firmware Version-
   QualcommIqx5121 Version-
QualcommIqx7181 Firmware Version-
   QualcommIqx7181 Version-
QualcommQca0000 Firmware Version-
   QualcommQca0000 Version-
QualcommSc8380xp Firmware Version-
   QualcommSc8380xp Version-
QualcommWcd9378c Firmware Version-
   QualcommWcd9378c Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
QualcommWsa8840 Firmware Version-
   QualcommWsa8840 Version-
QualcommWsa8845 Firmware Version-
   QualcommWsa8845 Version-
QualcommWsa8845h Firmware Version-
   QualcommWsa8845h Version-
QualcommX2000077 Firmware Version-
   QualcommX2000077 Version-
QualcommX2000086 Firmware Version-
   QualcommX2000086 Version-
QualcommX2000090 Firmware Version-
   QualcommX2000090 Version-
QualcommX2000092 Firmware Version-
   QualcommX2000092 Version-
QualcommX2000094 Firmware Version-
   QualcommX2000094 Version-
QualcommXg101002 Firmware Version-
   QualcommXg101002 Version-
QualcommXg101032 Firmware Version-
   QualcommXg101032 Version-
QualcommXg101039 Firmware Version-
   QualcommXg101039 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.05% 0
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
product-security@qualcomm.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html
Vendor Advisory