Impact
The vulnerability is a buffer over‑read that occurs during memory allocation when the requested size exceeds the maximum allowable limit. This results in memory corruption, which may affect the stability or correctness of the program. The issue is classified as CWE‑126.
Affected Systems
Qualcomm, Inc. Snapdragon chipsets. No specific firmware or hardware versions are listed in the advisory, so all devices that use Qualcomm Snapdragon processors may be affected unless they have applied the vendor’s fix.
Risk and Exploitability
The CVSS base score is 7.8, indicating a high severity vulnerability. The EPSS score is < 1%, and it is not listed in CISA’s KEV catalog, indicating a very low probability of exploitation. No specific details about the attacker’s required access or how exploitation would be performed are provided in the advisory; therefore the risk assessment remains based on the CVSS metric alone.
OpenCVE Enrichment