CVE-2021-1897 | Severity.io

Description

Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Related CPE's

apq8009_firmware

Vulnerable

apq8009w_firmware

Vulnerable

apq8053_firmware

Vulnerable

aqt1000_firmware

Vulnerable

mdm9206_firmware

Vulnerable

msm8909w_firmware

Vulnerable

qca6420_firmware

Vulnerable

qca6430_firmware

Vulnerable

qca9367_firmware

Vulnerable

qca9377_firmware

Vulnerable

qualcomm215_firmware

Vulnerable

sd_675_firmware

Vulnerable

Vulnerable

Vulnerable

Vulnerable

Vulnerable

sd720g_firmware

Vulnerable

Vulnerable

Vulnerable

sda429w_firmware

Vulnerable

sdx50m_firmware

Vulnerable

Vulnerable

sdx55m_firmware

Vulnerable

sm6250_firmware

Vulnerable

wcd9326_firmware

Vulnerable

wcd9330_firmware

Vulnerable

wcd9340_firmware

Vulnerable

wcd9341_firmware

Vulnerable

wcd9370_firmware

Vulnerable

wcd9375_firmware

Vulnerable

wcd9380_firmware

Vulnerable

wcn3610_firmware

Vulnerable

wcn3615_firmware

Vulnerable

wcn3620_firmware

Vulnerable

wcn3660b_firmware

Vulnerable

wcn3680_firmware

Vulnerable

wcn3680b_firmware

Vulnerable

wcn3950_firmware

Vulnerable

wcn3980_firmware

Vulnerable

wcn3988_firmware

Vulnerable

wcn3991_firmware

Vulnerable

wcn3998_firmware

Vulnerable

wsa8810_firmware

Vulnerable

wsa8815_firmware

Vulnerable

References

https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin

PatchVendor Advisory

Weaknesses

[email protected]

Primary

CWE-125

CVSS impact metrics

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.6 · Medium

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-07-13T06:15:08.150

3 years ago

Last modified

2021-07-15T18:49:05.277

3 years ago