CVE-2021-30288

Description

Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Related CPE's

Could not find any relations

CvssV3 impact

Version

3.1

VectorString

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AttackVector

LOCAL

AttackComplexity

LOW

PrivilegesRequired

NONE

UserInteraction

NONE

Scope

UNCHANGED

ConfidentialityImpact

HIGH

IntegrityImpact

HIGH

AvailabilityImpact

HIGH

BaseScore

8.4

BaseSeverity

HIGH

CvssV2 impact

Could not find any metrics