CVE-2021-35078

Description

Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Related CPE's

oqualcommaqt1000_firmware-*******

hqualcommaqt1000-*******

oqualcommar8035_firmware-*******

hqualcommar8035-*******

oqualcommcsrb31024_firmware-*******

hqualcommcsrb31024-*******

oqualcommqca6174a_firmware-*******

hqualcommqca6174a-*******

oqualcommqca6390_firmware-*******

hqualcommqca6390-*******

References

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

NONE

AvailabilityImpact

COMPLETE

IntegrityImpact

NONE

BaseScore

7.800000190734863

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:C

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io