CVE-2021-30349
|
Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
June 14, 2022; 6:15:15 AM -0400
|
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
|
CVE-2021-30327
|
Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music Published:
June 14, 2022; 6:15:14 AM -0400
|
V3.1: 6.8 MEDIUM
V2.0: 7.2 HIGH
|
CVE-2021-30281
|
Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
June 14, 2022; 6:15:14 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-1950
|
Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Published:
April 01, 2022; 1:15:07 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30325
|
Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
February 11, 2022; 6:15:08 AM -0500
|
V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM
|
CVE-2021-30335
|
Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30303
|
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30282
|
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30278
|
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
|
CVE-2021-30275
|
Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30274
|
Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30272
|
Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
January 03, 2022; 3:15:08 AM -0500
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-30266
|
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
November 12, 2021; 2:15:07 AM -0500
|
V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM
|
CVE-2021-30264
|
Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
November 12, 2021; 2:15:07 AM -0500
|
V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM
|
CVE-2021-1924
|
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Published:
November 12, 2021; 2:15:07 AM -0500
|
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
|
CVE-2021-1903
|
Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
November 12, 2021; 2:15:06 AM -0500
|
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
|
CVE-2021-30302
|
Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Published:
October 20, 2021; 3:15:08 AM -0400
|
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
|
CVE-2021-30288
|
Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
October 20, 2021; 3:15:08 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
|
CVE-2021-1980
|
Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
October 20, 2021; 3:15:08 AM -0400
|
V3.1: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
|
CVE-2021-30260
|
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Published:
September 17, 2021; 3:15:09 AM -0400
|
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
