CVE-2021-30298

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 03-01-2022 09:15

Last modified: - 12-01-2022 04:41

Total changes: - 2

Description

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.8

Base score

1.8

5.9

Exploitability score

Impact score

Verification logic

AND

vendor=qualcomm AND product=ar8031_firmware AND version=-

vendor=qualcomm AND product=ar8031 AND version=-

AND

vendor=qualcomm AND product=ar8035_firmware AND version=-

vendor=qualcomm AND product=ar8035 AND version=-

AND

vendor=qualcomm AND product=csra6620_firmware AND version=-

vendor=qualcomm AND product=csra6620 AND version=-

AND

vendor=qualcomm AND product=csra6640_firmware AND version=-

vendor=qualcomm AND product=csra6640 AND version=-

AND

vendor=qualcomm AND product=fsm10055_firmware AND version=-

vendor=qualcomm AND product=fsm10055 AND version=-

AND

vendor=qualcomm AND product=fsm10056_firmware AND version=-

vendor=qualcomm AND product=fsm10056 AND version=-

AND

vendor=qualcomm AND product=ipq8072a_firmware AND version=-

vendor=qualcomm AND product=ipq8072a AND version=-

AND

vendor=qualcomm AND product=ipq8074a_firmware AND version=-

vendor=qualcomm AND product=ipq8074a AND version=-

AND

vendor=qualcomm AND product=ipq8076a_firmware AND version=-

vendor=qualcomm AND product=ipq8076a AND version=-

AND

vendor=qualcomm AND product=mdm9150_firmware AND version=-

vendor=qualcomm AND product=mdm9150 AND version=-

AND

vendor=qualcomm AND product=qca6390_firmware AND version=-

vendor=qualcomm AND product=qca6390 AND version=-

AND

vendor=qualcomm AND product=qca6391_firmware AND version=-

vendor=qualcomm AND product=qca6391 AND version=-

AND

vendor=qualcomm AND product=qca6574au_firmware AND version=-

vendor=qualcomm AND product=qca6574au AND version=-

AND

vendor=qualcomm AND product=qca6595au_firmware AND version=-

vendor=qualcomm AND product=qca6595au AND version=-

AND

vendor=qualcomm AND product=qca6696_firmware AND version=-

vendor=qualcomm AND product=qca6696 AND version=-

AND

vendor=qualcomm AND product=qca8337_firmware AND version=-

vendor=qualcomm AND product=qca8337 AND version=-

AND

vendor=qualcomm AND product=qcn9000_firmware AND version=-

vendor=qualcomm AND product=qcn9000 AND version=-

AND

vendor=qualcomm AND product=qcn9074_firmware AND version=-

vendor=qualcomm AND product=qcn9074 AND version=-

AND

vendor=qualcomm AND product=qcs405_firmware AND version=-

vendor=qualcomm AND product=qcs405 AND version=-

AND

vendor=qualcomm AND product=qcs410_firmware AND version=-

vendor=qualcomm AND product=qcs410 AND version=-

AND

vendor=qualcomm AND product=qcs610_firmware AND version=-

vendor=qualcomm AND product=qcs610 AND version=-

AND

vendor=qualcomm AND product=qrb5165_firmware AND version=-

vendor=qualcomm AND product=qrb5165 AND version=-

AND

vendor=qualcomm AND product=qrb5165n_firmware AND version=-

vendor=qualcomm AND product=qrb5165n AND version=-

AND

vendor=qualcomm AND product=qualcomm215_firmware AND version=-

vendor=qualcomm AND product=qualcomm215 AND version=-

AND

vendor=qualcomm AND product=sa8155p_firmware AND version=-

vendor=qualcomm AND product=sa8155p AND version=-

AND

vendor=qualcomm AND product=sd205_firmware AND version=-

vendor=qualcomm AND product=sd205 AND version=-

AND

vendor=qualcomm AND product=sd210_firmware AND version=-

vendor=qualcomm AND product=sd210 AND version=-

AND

vendor=qualcomm AND product=sd460_firmware AND version=-

vendor=qualcomm AND product=sd460 AND version=-

AND

vendor=qualcomm AND product=sd662_firmware AND version=-

vendor=qualcomm AND product=sd662 AND version=-

AND

vendor=qualcomm AND product=sd665_firmware AND version=-

vendor=qualcomm AND product=sd665 AND version=-

AND

vendor=qualcomm AND product=sd765_firmware AND version=-

vendor=qualcomm AND product=sd765 AND version=-

AND

vendor=qualcomm AND product=sd765g_firmware AND version=-

vendor=qualcomm AND product=sd765g AND version=-

AND

vendor=qualcomm AND product=sd768g_firmware AND version=-

vendor=qualcomm AND product=sd768g AND version=-

AND

vendor=qualcomm AND product=sd865_5g_firmware AND version=-

vendor=qualcomm AND product=sd865_5g AND version=-

AND

vendor=qualcomm AND product=sd870_firmware AND version=-

vendor=qualcomm AND product=sd870 AND version=-

AND

vendor=qualcomm AND product=sda429w_firmware AND version=-

vendor=qualcomm AND product=sda429w AND version=-

AND

vendor=qualcomm AND product=sdx55_firmware AND version=-

vendor=qualcomm AND product=sdx55 AND version=-

AND

vendor=qualcomm AND product=sdx55m_firmware AND version=-

vendor=qualcomm AND product=sdx55m AND version=-

AND

vendor=qualcomm AND product=sm7250p_firmware AND version=-

vendor=qualcomm AND product=sm7250p AND version=-

AND

vendor=qualcomm AND product=wcd9335_firmware AND version=-

vendor=qualcomm AND product=wcd9335 AND version=-

AND

vendor=qualcomm AND product=wcd9340_firmware AND version=-

vendor=qualcomm AND product=wcd9340 AND version=-

AND

vendor=qualcomm AND product=wcd9341_firmware AND version=-

vendor=qualcomm AND product=wcd9341 AND version=-

AND

vendor=qualcomm AND product=wcd9370_firmware AND version=-

vendor=qualcomm AND product=wcd9370 AND version=-

AND

vendor=qualcomm AND product=wcd9375_firmware AND version=-

vendor=qualcomm AND product=wcd9375 AND version=-

AND

vendor=qualcomm AND product=wcd9380_firmware AND version=-

vendor=qualcomm AND product=wcd9380 AND version=-

AND

vendor=qualcomm AND product=wcd9385_firmware AND version=-

vendor=qualcomm AND product=wcd9385 AND version=-

AND

vendor=qualcomm AND product=wcn3610_firmware AND version=-

vendor=qualcomm AND product=wcn3610 AND version=-

AND

vendor=qualcomm AND product=wcn3620_firmware AND version=-

vendor=qualcomm AND product=wcn3620 AND version=-

AND

vendor=qualcomm AND product=wcn3660b_firmware AND version=-

vendor=qualcomm AND product=wcn3660b AND version=-

AND

vendor=qualcomm AND product=wcn3950_firmware AND version=-

vendor=qualcomm AND product=wcn3950 AND version=-

AND

vendor=qualcomm AND product=wcn3980_firmware AND version=-

vendor=qualcomm AND product=wcn3980 AND version=-

AND

vendor=qualcomm AND product=wcn3988_firmware AND version=-

vendor=qualcomm AND product=wcn3988 AND version=-

AND

vendor=qualcomm AND product=wcn3991_firmware AND version=-

vendor=qualcomm AND product=wcn3991 AND version=-

AND

vendor=qualcomm AND product=wcn3998_firmware AND version=-

vendor=qualcomm AND product=wcn3998 AND version=-

AND

vendor=qualcomm AND product=wcn3999_firmware AND version=-

vendor=qualcomm AND product=wcn3999 AND version=-

AND

vendor=qualcomm AND product=wcn6850_firmware AND version=-

vendor=qualcomm AND product=wcn6850 AND version=-

AND

vendor=qualcomm AND product=wcn6851_firmware AND version=-

vendor=qualcomm AND product=wcn6851 AND version=-

AND

vendor=qualcomm AND product=wsa8810_firmware AND version=-

vendor=qualcomm AND product=wsa8810 AND version=-

AND

vendor=qualcomm AND product=wsa8815_firmware AND version=-

vendor=qualcomm AND product=wsa8815 AND version=-

AND

vendor=qualcomm AND product=wsa8830_firmware AND version=-

vendor=qualcomm AND product=wsa8830 AND version=-

AND

vendor=qualcomm AND product=wsa8835_firmware AND version=-

vendor=qualcomm AND product=wsa8835 AND version=-

Reference

https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

Keywords

CVE-2021-30298

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-30298

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures