Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Qualcomm, Inc. Snapdragon unaffected
Version Status Constraints
AR8035 affected
Cologne affected
FastConnect 6200 affected
FastConnect 6700 affected
FastConnect 6900 affected
FastConnect 7800 affected
FWA Gen 3 Ultra Platform affected
G2 Gen 1 affected
Milos affected
Netrani affected
Orne affected
Palawan25 affected
Pandeiro affected
QCA6391 affected
QCA6698AU affected
QCA6777AQ affected
QCA6787AQ affected
QCA6797AQ affected
QCA8081 affected
QCA8337 affected
QCC2073 affected
QCC2076 affected
QCC710 affected
QCN6224 affected
QCN6274 affected
QCN9011 affected
QCN9012 affected
QCS8550 affected
QFW7114 affected
QFW7124 affected
QLN1083BD affected
QLN1086BD affected
QMP1000 affected
QPA1083BD affected
QPA1086BD affected
QXM1083 affected
QXM1086 affected
QXM1093 affected
QXM1094 affected
QXM1095 affected
QXM1096 affected
SAR1165P affected
SAR2130P affected
SC8380XP affected
SM6650P affected
SM7435 affected
SM7635P affected
SM7675 affected
SM7675P affected
SM8635 affected
SM8635P affected
SM8650Q affected
SM8750P affected
Snapdragon 6 Gen 1 Mobile Platform affected
Snapdragon 6 Gen 3 Mobile Platform affected
Snapdragon 6 Gen 4 Mobile Platform affected
Snapdragon 7s Gen 3 Mobile Platform affected
Snapdragon 8 Elite affected
Snapdragon 8 Elite Gen 5 affected
Snapdragon 8 Gen 3 Mobile Platform affected
Snapdragon AR1 Gen 1 Platform affected
Snapdragon AR1+ Gen 1 Platform affected
Snapdragon X72 5G Modem-RF System affected
Snapdragon X75 5G Modem-RF System affected
SXR2230P affected
SXR2250P affected
SXR2330P affected
SXR2350P affected
WCD9340 affected
WCD9370 affected
WCD9375 affected
WCD9378 affected
WCD9378C affected
WCD9380 affected
WCD9385 affected
WCD9390 affected
WCD9395 affected
WCN3988 affected
WCN6450 affected
WCN6650 affected
WCN6755 affected
WCN7860 affected
WCN7861 affected
WCN7880 affected
WCN7881 affected
WSA8810 affected
WSA8815 affected
WSA8830 affected
WSA8832 affected
WSA8835 affected
WSA8840 affected
WSA8845 affected
WSA8845H affected
X2000077 affected
X2000086 affected
X2000090 affected
X2000092 affected
X2000094 affected
XG101002 affected
XG101032 affected
XG101039 affected
XRV7209 affected
XRV9209 affected

No data.

No data.

No data.

Project Subscriptions

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html cve-icon cve-icon
History

Mon, 06 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 06 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Description Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Title Buffer Over-read in WLAN Firmware
Weaknesses CWE-126
References
Metrics cvssV3_1

{'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2026-04-06T16:22:14.443Z

Reserved: 2025-12-17T04:35:45.743Z

Link: CVE-2026-21381

cve-icon Vulnrichment

Updated: 2026-04-06T16:14:32.837Z

cve-icon NVD

Status : Received

Published: 2026-04-06T16:16:31.203

Modified: 2026-04-06T16:16:31.203

Link: CVE-2026-21381

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses