CVE-2021-35100

Description

Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Related CPE's

oqualcommapq8009w_firmware-*******

hqualcommapq8009w-*******

oqualcommapq8017_firmware-*******

hqualcommapq8017-*******

oqualcommapq8064au_firmware-*******

hqualcommapq8064au-*******

oqualcommapq8096au_firmware-*******

hqualcommapq8096au-*******

oqualcommaqt1000_firmware-*******

hqualcommaqt1000-*******

References

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

NONE

AvailabilityImpact

COMPLETE

IntegrityImpact

NONE

BaseScore

7.800000190734863

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:C

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io