Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-25271— Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service

CVSS 7.8 · High EPSS 0.05% · P0

Affected Version Matrix 21

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonCologneaffected
FastConnect 6900affected
FastConnect 7800affected
IQX5121affected
IQX7181affected
QCA0000affected
SC8380XPaffected
WCD9378Caffected
… +13 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-25271

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
Source: NVD (National Vulnerability Database)
Vulnerability Description
Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Qualcomm, Inc.Snapdragon Cologne -

II. Public POCs for CVE-2026-25271

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-25271

登录查看更多情报信息。

Vendor Advisories for CVE-2026-25271 (1)

Same Patch Batch · Qualcomm, Inc. · 2026-07-06 · 11 CVEs total

CVE-2026-252688.8 HIGHStack-based Buffer Overflow in WLAN Host
CVE-2026-213797.8 HIGHBuffer Over-read in Windows Compute
CVE-2026-213837.1 HIGHReusing a Nonce, Key Pair in Encryption in HLOS
CVE-2025-596176.6 MEDIUMUse After Free in Computer Vision
CVE-2025-596166.6 MEDIUMUse After Free in Computer Vision
CVE-2025-596156.6 MEDIUMUse After Free in Computer Vision
CVE-2026-213845.3 MEDIUMOut-of-bounds Write in Camera Driver
CVE-2026-213705.3 MEDIUMOut-of-bounds Write in Camera Driver
CVE-2026-213695.3 MEDIUMOut-of-bounds Write in Camera Driver
CVE-2026-213685.3 MEDIUMOut-of-bounds Write in Camera Driver

IV. Related Vulnerabilities

V. Comments for CVE-2026-25271

No comments yet


Leave a comment