CVE-2021-1967 | Severity.io

Description

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Related CPE's

apq8009_firmware

Vulnerable

apq8053_firmware

Vulnerable

aqt1000_firmware

Vulnerable

ar8031_firmware

Vulnerable

ar8035_firmware

Vulnerable

csra6620_firmware

Vulnerable

csra6640_firmware

Vulnerable

mdm9206_firmware

Vulnerable

mdm9628_firmware

Vulnerable

qca6174a_firmware

Vulnerable

qca6390_firmware

Vulnerable

qca6391_firmware

Vulnerable

qca6420_firmware

Vulnerable

qca6421_firmware

Vulnerable

qca6426_firmware

Vulnerable

qca6430_firmware

Vulnerable

qca6431_firmware

Vulnerable

qca6436_firmware

Vulnerable

qca6564a_firmware

Vulnerable

qca6564au_firmware

Vulnerable

qca6574_firmware

Vulnerable

qca6574a_firmware

Vulnerable

qca6574au_firmware

Vulnerable

qca6595_firmware

Vulnerable

qca6595au_firmware

Vulnerable

qca6696_firmware

Vulnerable

qca8337_firmware

Vulnerable

qca9367_firmware

Vulnerable

qca9377_firmware

Vulnerable

qcm4290_firmware

Vulnerable

qcm6125_firmware

Vulnerable

qcs405_firmware

Vulnerable

qcs410_firmware

Vulnerable

qcs4290_firmware

Vulnerable

qcs605_firmware

Vulnerable

qcs610_firmware

Vulnerable

qcs6125_firmware

Vulnerable

qrb5165_firmware

Vulnerable

qualcomm215_firmware

Vulnerable

sa6145p_firmware

Vulnerable

sa6150p_firmware

Vulnerable

sa6155_firmware

Vulnerable

sa6155p_firmware

Vulnerable

sa8145p_firmware

Vulnerable

sa8150p_firmware

Vulnerable

sa8155_firmware

Vulnerable

sa8155p_firmware

Vulnerable

sa8195p_firmware

Vulnerable

sd_675_firmware

Vulnerable

Vulnerable

sd_8cx_firmware

Vulnerable

Vulnerable

Vulnerable

Vulnerable

Vulnerable

Vulnerable

Vulnerable

Vulnerable

sd690_5g_firmware

Vulnerable

sd720g_firmware

Vulnerable

sd750g_firmware

Vulnerable

Vulnerable

sd765g_firmware

Vulnerable

sd768g_firmware

Vulnerable

sd778g_firmware

Vulnerable

sd780g_firmware

Vulnerable

Vulnerable

Vulnerable

sd865_5g_firmware

Vulnerable

Vulnerable

sd888_5g_firmware

Vulnerable

sda429w_firmware

Vulnerable

Vulnerable

sdx55m_firmware

Vulnerable

sdxr2_5g_firmware

Vulnerable

sm6250_firmware

Vulnerable

sm7250_firmware

Vulnerable

sm7325_firmware

Vulnerable

wcd9326_firmware

Vulnerable

wcd9330_firmware

Vulnerable

wcd9335_firmware

Vulnerable

wcd9340_firmware

Vulnerable

wcd9341_firmware

Vulnerable

wcd9370_firmware

Vulnerable

wcd9375_firmware

Vulnerable

wcd9380_firmware

Vulnerable

wcd9385_firmware

Vulnerable

wcn3610_firmware

Vulnerable

wcn3615_firmware

Vulnerable

wcn3620_firmware

Vulnerable

wcn3660b_firmware

Vulnerable

wcn3680_firmware

Vulnerable

wcn3680b_firmware

Vulnerable

wcn3950_firmware

Vulnerable

wcn3980_firmware

Vulnerable

wcn3988_firmware

Vulnerable

wcn3990_firmware

Vulnerable

wcn3991_firmware

Vulnerable

wcn3998_firmware

Vulnerable

wcn3999_firmware

Vulnerable

wcn6740_firmware

Vulnerable

wcn6750_firmware

Vulnerable

wcn6850_firmware

Vulnerable

wcn6851_firmware

Vulnerable

wcn6855_firmware

Vulnerable

wcn6856_firmware

Vulnerable

wsa8810_firmware

Vulnerable

wsa8815_firmware

Vulnerable

wsa8830_firmware

Vulnerable

wsa8835_firmware

Vulnerable

References

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

PatchVendor Advisory

Weaknesses

[email protected]

Primary

CWE-787

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

5.3 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-10-20T05:15:07.787Z

4 years ago

Last modified

2024-11-21T04:45:41.237Z

1 year ago