Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed

Permalink CVE-2025-59603

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 2 weeks, 6 days ago by @LeSuisse Activity log

Created automatic suggestion 2 weeks, 6 days ago
@LeSuisse removed package snapdragon-profiler 2 weeks, 6 days ago
@LeSuisse dismissed 2 weeks, 6 days ago

Out-of-bounds Write in Computer Vision

Memory Corruption when processing invalid user address with nonstandard buffer address.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-b…

Affected products

Snapdragon

==X2000092
==X2000094
==Snapdragon XR2 5G Platform
==Snapdragon XR2+ Gen 1 Platform
==WCD9378C
==FastConnect 7800
==SXR2250P
==WSA8830
==SXR2230P
==WSA8845
==X2000090
==WSA8810
==WSA8840
==X2000086
==SD865 5G
==Cologne
==WSA8815
==XG101039
==XG101032
==X2000077
==WCD9385
==QCA0000
==SC8380XP
==WSA8832
==WCD9380
==WSA8835
==FastConnect 6900
==WSA8845H
==XG101002

Ignored packages (1)

pkgs.snapdragon-profiler

An profiler for Android devices running Snapdragon chips

nixos-unstable 2021.2
- nixpkgs-unstable 2021.2
- nixos-unstable-small 2021.2
nixos-25.11 2021.2
- nixos-25.11-small 2021.2
- nixpkgs-25.11-darwin 2021.2

Not present in nixpkgs