CVE-2021-35084

Description

Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Related CPE's

oqualcommaqt1000_firmware-*******

hqualcommaqt1000-*******

oqualcommar8031_firmware-*******

hqualcommar8031-*******

oqualcommar8035_firmware-*******

hqualcommar8035-*******

oqualcommcsra6620_firmware-*******

hqualcommcsra6620-*******

oqualcommcsra6640_firmware-*******

hqualcommcsra6640-*******

References

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

PARTIAL

AvailabilityImpact

PARTIAL

IntegrityImpact

NONE

BaseScore

3.5999999046325684

VectorString

AV:L/AC:L/Au:N/C:P/I:N/A:P

Version

2.0

AccessVector

LOCAL

Authentication

NONE

Created by Yello
About Severity.io