CVE-2021-35090 | Severity.io

Description

Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Related CPE's

aqt1000_firmware

Vulnerable

qca6390_firmware

Vulnerable

qca6391_firmware

Vulnerable

qca6420_firmware

Vulnerable

qca6421_firmware

Vulnerable

qca6426_firmware

Vulnerable

qca6430_firmware

Vulnerable

qca6431_firmware

Vulnerable

qca6436_firmware

Vulnerable

qcm6490_firmware

Vulnerable

qcs6490_firmware

Vulnerable

qrb5165_firmware

Vulnerable

qrb5165m_firmware

Vulnerable

qrb5165n_firmware

Vulnerable

qsm8350_firmware

Vulnerable

sa8540p_firmware

Vulnerable

sa9000p_firmware

Vulnerable

sd_8cx_firmware

Vulnerable

sd_8cx_gen2_firmware

Vulnerable

sd690_5g_firmware

Vulnerable

sd750g_firmware

Vulnerable

Vulnerable

sd765g_firmware

Vulnerable

sd768g_firmware

Vulnerable

sd778g_firmware

Vulnerable

sd780g_firmware

Vulnerable

sd865_5g_firmware

Vulnerable

Vulnerable

Vulnerable

sd888_5g_firmware

Vulnerable

sdx55m_firmware

Vulnerable

sdxr2_5g_firmware

Vulnerable

sm7250p_firmware

Vulnerable

sm7315_firmware

Vulnerable

sm7325p_firmware

Vulnerable

wcd9340_firmware

Vulnerable

wcd9341_firmware

Vulnerable

wcd9370_firmware

Vulnerable

wcd9375_firmware

Vulnerable

wcd9380_firmware

Vulnerable

wcd9385_firmware

Vulnerable

wcn3988_firmware

Vulnerable

wcn3991_firmware

Vulnerable

wcn3998_firmware

Vulnerable

wcn6740_firmware

Vulnerable

wcn6750_firmware

Vulnerable

wcn6850_firmware

Vulnerable

wcn6851_firmware

Vulnerable

wcn6855_firmware

Vulnerable

wcn6856_firmware

Vulnerable

wcn7850_firmware

Vulnerable

wcn7851_firmware

Vulnerable

wsa8810_firmware

Vulnerable

wsa8815_firmware

Vulnerable

wsa8830_firmware

Vulnerable

wsa8835_firmware

Vulnerable

References

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

Vendor Advisory

Weaknesses

[email protected]

Primary

CWE-367

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 · Critical

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-06-14T08:15:16.447Z

3 years ago

Last modified

2024-11-21T05:11:51.873Z

1 year ago