Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-21376
7.8 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created suggestion
Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Affected products
Snapdragon
- ==FastConnect 6800
- ==X2000092
- ==QCM5430
- ==X2000090
- ==FastConnect 7800
- ==Snapdragon 8cx Compute Platform "Poipu Pro"
- ==WSA8815
- ==Snapdragon 460 Mobile Platform
- ==WSA8840
- ==SM6250
- ==WSA8810
- ==Snapdragon 8cx Gen 3 Compute Platform
- ==XG101039
- ==Snapdragon 8c Compute Platform "Poipu Lite"
- ==WSA8835
- ==XG101032
- ==X2000094
- ==QCA6420
- ==WSA8845H
- ==WCN3988
- ==Snapdragon 7c Compute Platform
- ==Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
- ==WCD9380
- ==Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
- ==FastConnect 6700
- ==Snapdragon 8cx Compute Platform
- ==X2000086
- ==WCN3950
- ==WSA8832
- ==QCA0000
- ==Snapdragon AR1 Gen 1 Platform
- ==WSA8845
- ==WCD9378C
- ==Qualcomm Video Collaboration VC3 Platform
- ==WCD9375
- ==WSA8830
- ==Snapdragon 8cx Gen 2 5G Compute Platform
- ==Cologne
- ==QCA6430
- ==XG101002
- ==SC8380XP
- ==WCD9340
- ==X2000077
- ==FastConnect 6200
- ==QCM6490
- ==FastConnect 6900
- ==QCA6391
- ==AQT1000
- ==Snapdragon 662 Mobile Platform
- ==Snapdragon 7c+ Gen 3 Compute
- ==WCD9370
- ==WCD9385
- ==Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
- ==WCD9341