CVE-2021-35123 | Severity.io

Description

Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT

Related CPE's

aqt1000_firmware

Vulnerable

qca6390_firmware

Vulnerable

qca6391_firmware

Vulnerable

sd_8_gen1_5g_firmware

Vulnerable

Vulnerable

Vulnerable

sd778g_firmware

Vulnerable

sd780g_firmware

Vulnerable

Vulnerable

sd865_5g_firmware

Vulnerable

Vulnerable

sd888_5g_firmware

Vulnerable

sdx55m_firmware

Vulnerable

sm6375_firmware

Vulnerable

sm7325p_firmware

Vulnerable

wcd9335_firmware

Vulnerable

wcd9370_firmware

Vulnerable

wcd9375_firmware

Vulnerable

wcd9380_firmware

Vulnerable

wcd9385_firmware

Vulnerable

wcn3980_firmware

Vulnerable

wcn3988_firmware

Vulnerable

wcn3991_firmware

Vulnerable

wcn3998_firmware

Vulnerable

wcn6740_firmware

Vulnerable

wcn6750_firmware

Vulnerable

wcn6850_firmware

Vulnerable

wcn6851_firmware

Vulnerable

wcn6855_firmware

Vulnerable

wcn6856_firmware

Vulnerable

wsa8830_firmware

Vulnerable

wsa8835_firmware

Vulnerable

References

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

PatchVendor Advisory

Weaknesses

[email protected]

Primary

NVD-CWE-Other

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 · High

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-06-14T10:15:17.523

3 years ago

Last modified

2023-04-19T17:10:55.030

2 years ago