By weakness (CWE)

CWE-367: related vulnerabilities

CVEs classified under CWE-367. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

5 published vulnerabilities

  • CVE-2026-25260HIGH 7.8

    A memory corruption vulnerability in Qualcomm firmware and associated devices allows a local, authenticated attacker to corrupt memory by modifying shared buffers concurrently without the system validating those changes. This is a time-of-check-time-of-use (TOCTOU) style flaw where kernel or firmware code assumes a buffer's contents remain unchanged, but a malicious user-mode process modifies it between the check and actual use. The vulnerability requires local access and valid credentials but can lead to complete system compromise.

  • CVE-2025-64390HIGH 7.4

    PlayStation 4 consoles running firmware versions 13.00 through 13.02 are vulnerable to a privilege escalation attack that allows an attacker with local access to escape the Blu-ray Disc Java (BD-J) sandbox environment by crafting a malicious JAR file. Once the sandbox is bypassed, an attacker could gain elevated system privileges on the device, potentially leading to unauthorized access or control of the console.

  • CVE-2025-59610MEDIUM 6.4

    A memory corruption vulnerability affects numerous Qualcomm chipsets and platforms when processing IOCTL (input/output control) requests that contain mismatched API versions. The flaw stems from concurrent modification of user-space buffers during processing, allowing a privileged local attacker to corrupt kernel memory and potentially gain elevated code execution. The vulnerability requires high privilege access and specific conditions to trigger, limiting opportunistic exploitation but posing significant risk in compromised or malicious insider scenarios.

  • CVE-2026-20454MEDIUM 6.4

    CVE-2026-20454 is a privilege escalation vulnerability in MediaTek's geniezone component affecting multiple system-on-chip (SoC) models. An attacker who already holds System privilege can exploit a race condition in memory handling to read or modify sensitive data and potentially gain higher-level control. No user interaction or network access is required—exploitation occurs locally once System privilege is obtained.

  • CVE-2026-46159MEDIUM 4.7

    A race condition in the Linux kernel's btrfs filesystem driver can leak uninitialized kernel memory to unprivileged local users. The vulnerability exists in the ioctl handler that reports storage space information. When block groups are concurrently removed by the system during the space query operation, the kernel copies more data to userspace than it actually wrote, exposing sensitive kernel memory. An attacker with local access can exploit this timing window to read information that should not be accessible.