Description
Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
Published: 2026-07-06
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack‑based buffer overflow occurs in Qualcomm’s Snapdragon WLAN host code when processing malformed HT40 channel layouts during dynamic channel switching. This memory corruption can corrupt the stack on the device. The official description indicates that this may lead to a crash or loss of service, but it does not provide evidence of arbitrary code execution.

Affected Systems

Qualcomm Snapdragon wireless platforms are affected. No specific firmware or product version numbers are listed, but all Snapdragon devices that implement dynamic channel switching may be vulnerable unless mitigated by a vendor update.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity. The EPSS score of < 1% shows a very low but non‑zero exploitation probability. The vulnerability is not listed in CISA’s KEV catalog. Attackers could trigger the overflow by transmitting crafted Wi‑Fi frames that invoke an invalid HT40 channel layout, a likely remote attack vector from a nearby device or through an open network. The overflow could ultimately lead to a crash, loss of confidentiality, integrity issues, or other destructive outcomes.

Generated by OpenCVE AI on July 9, 2026 at 11:49 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Qualcomm firmware to a version that includes the buffer overflow fix.
  • If a patch is unavailable, disable dynamic channel switching in the wireless firmware configuration or remove the affected module.
  • Configure network isolation to limit exposure to untrusted wireless traffic and monitor for anomalous channel switch attempts.

Generated by OpenCVE AI on July 9, 2026 at 11:49 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 06 Jul 2026 21:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 06 Jul 2026 20:30:00 +0000

Type Values Removed Values Added
Description Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
Title Stack-based Buffer Overflow in WLAN Host
Weaknesses CWE-121
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2026-07-07T03:56:16.611Z

Reserved: 2026-02-02T04:19:00.940Z

Link: CVE-2026-25268

cve-icon Vulnrichment

Updated: 2026-07-06T20:56:15.191Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-09T12:00:11Z

Weaknesses
  • CWE-121

    Stack-based Buffer Overflow