CVE-2021-35126 | Severity.io

Description

Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Related CPE's

qam8295p_firmware

Vulnerable

qca6391_firmware

Vulnerable

qca6696_firmware

Vulnerable

qcm6490_firmware

Vulnerable

qcs6490_firmware

Vulnerable

sa8295p_firmware

Vulnerable

sd_8_gen1_5g_firmware

Vulnerable

sd_8cx_gen3_firmware

Vulnerable

sd778g_firmware

Vulnerable

sd780g_firmware

Vulnerable

Vulnerable

sd888_5g_firmware

Vulnerable

sm7315_firmware

Vulnerable

sm7325p_firmware

Vulnerable

wcd9370_firmware

Vulnerable

wcd9375_firmware

Vulnerable

wcd9380_firmware

Vulnerable

wcd9385_firmware

Vulnerable

wcn6740_firmware

Vulnerable

wcn6750_firmware

Vulnerable

wcn6850_firmware

Vulnerable

wcn6851_firmware

Vulnerable

wcn6855_firmware

Vulnerable

wcn6856_firmware

Vulnerable

wsa8830_firmware

Vulnerable

wsa8835_firmware

Vulnerable

References

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Vendor Advisory

Weaknesses

[email protected]

Primary

CWE-129

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-06-14T08:15:17.577Z

3 years ago

Last modified

2024-11-21T05:11:59.340Z

1 year ago