CVE-2021-35123

Description

Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT

Related CPE's

oqualcommaqt1000_firmware-*******

hqualcommaqt1000-*******

oqualcommqca6390_firmware-*******

hqualcommqca6390-*******

oqualcommqca6391_firmware-*******

hqualcommqca6391-*******

oqualcommsd_8_gen1_5g_firmware-*******

hqualcommsd_8_gen1_5g-*******

oqualcommsd480_firmware-*******

hqualcommsd480-*******

References

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

PatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

COMPLETE

AvailabilityImpact

COMPLETE

IntegrityImpact

COMPLETE

BaseScore

8.300000190734863

VectorString

AV:A/AC:L/Au:N/C:C/I:C/A:C

Version

2.0

AccessVector

ADJACENT_NETWORK

Authentication

NONE

Created by Yello
About Severity.io