CVE-2021-35102
|
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile Published:
June 14, 2022; 6:15:16 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-35083
|
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
June 14, 2022; 6:15:16 AM -0400
|
V3.1: 9.1 CRITICAL
V2.0: 9.4 HIGH
|
CVE-2021-35078
|
Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Published:
June 14, 2022; 6:15:15 AM -0400
|
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
|
CVE-2021-30350
|
Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Published:
June 14, 2022; 6:15:15 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30344
|
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
June 14, 2022; 6:15:15 AM -0400
|
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
|
CVE-2021-30342
|
Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables Published:
June 14, 2022; 6:15:14 AM -0400
|
V3.1: 5.9 MEDIUM
V2.0: 7.1 HIGH
|
CVE-2021-30341
|
Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Published:
June 14, 2022; 6:15:14 AM -0400
|
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
|
CVE-2021-30281
|
Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
June 14, 2022; 6:15:14 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30333
|
Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
April 01, 2022; 1:15:07 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
|
CVE-2021-1942
|
Improper handling of permissions of a shared memory region can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
April 01, 2022; 1:15:06 AM -0400
|
V3.1: 8.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30323
|
Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
February 11, 2022; 6:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30322
|
Possible out of bounds write due to improper validation of number of GPIOs configured in an internal parameters array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Published:
February 11, 2022; 6:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30317
|
Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
February 11, 2022; 6:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30308
|
Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Published:
January 13, 2022; 7:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30307
|
Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT Published:
January 13, 2022; 7:15:08 AM -0500
|
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
|
CVE-2021-30300
|
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables Published:
January 13, 2022; 7:15:08 AM -0500
|
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
|
CVE-2021-30285
|
Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 13, 2022; 7:15:08 AM -0500
|
V3.1: 8.8 HIGH
V2.0: 4.6 MEDIUM
|
CVE-2021-30348
|
Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Published:
January 03, 2022; 3:15:09 AM -0500
|
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
|
CVE-2021-30303
|
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30289
|
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
