CVE-2021-35102
|
Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile Published:
June 14, 2022; 6:15:16 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-35101
|
Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile Published:
June 14, 2022; 6:15:16 AM -0400
|
V3.1: 6.5 MEDIUM
V2.0: 4.9 MEDIUM
|
CVE-2021-35090
|
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile Published:
June 14, 2022; 6:15:16 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 6.9 MEDIUM
|
CVE-2021-35083
|
Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
June 14, 2022; 6:15:16 AM -0400
|
V3.1: 9.1 CRITICAL
V2.0: 9.4 HIGH
|
CVE-2021-35078
|
Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Published:
June 14, 2022; 6:15:15 AM -0400
|
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
|
CVE-2021-30348
|
Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Published:
January 03, 2022; 3:15:09 AM -0500
|
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
|
CVE-2021-30303
|
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30289
|
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30282
|
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30278
|
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
|
CVE-2021-30275
|
Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30274
|
Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30273
|
Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
|
CVE-2021-30272
|
Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30271
|
Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30270
|
Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:07 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30269
|
Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:07 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30268
|
Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Published:
January 03, 2022; 3:15:07 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30267
|
Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Published:
January 03, 2022; 3:15:07 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
|
CVE-2021-1894
|
Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:07 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
