CVE-2021-30309

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 11-02-2022 12:15

Last modified: - 18-02-2022 02:46

Total changes: - 2

Description

Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.8

Base score

1.8

5.9

Exploitability score

Impact score

Verification logic

AND

vendor=qualcomm AND product=mdm9650_firmware AND version=-

vendor=qualcomm AND product=mdm9650 AND version=-

AND

vendor=qualcomm AND product=qca6174a_firmware AND version=-

vendor=qualcomm AND product=qca6174a AND version=-

AND

vendor=qualcomm AND product=qca6390_firmware AND version=-

vendor=qualcomm AND product=qca6390 AND version=-

AND

vendor=qualcomm AND product=qca6391_firmware AND version=-

vendor=qualcomm AND product=qca6391 AND version=-

AND

vendor=qualcomm AND product=qca9377_firmware AND version=-

vendor=qualcomm AND product=qca9377 AND version=-

AND

vendor=qualcomm AND product=qcm6125_firmware AND version=-

vendor=qualcomm AND product=qcm6125 AND version=-

AND

vendor=qualcomm AND product=qcs410_firmware AND version=-

vendor=qualcomm AND product=qcs410 AND version=-

AND

vendor=qualcomm AND product=qcs603_firmware AND version=-

vendor=qualcomm AND product=qcs603 AND version=-

AND

vendor=qualcomm AND product=qcs605_firmware AND version=-

vendor=qualcomm AND product=qcs605 AND version=-

AND

vendor=qualcomm AND product=qcs610_firmware AND version=-

vendor=qualcomm AND product=qcs610 AND version=-

AND

vendor=qualcomm AND product=qcs6125_firmware AND version=-

vendor=qualcomm AND product=qcs6125 AND version=-

AND

vendor=qualcomm AND product=sd660_firmware AND version=-

vendor=qualcomm AND product=sd660 AND version=-

AND

vendor=qualcomm AND product=sd665_firmware AND version=-

vendor=qualcomm AND product=sd665 AND version=-

AND

vendor=qualcomm AND product=sd690_5g_firmware AND version=-

vendor=qualcomm AND product=sd690_5g AND version=-

AND

vendor=qualcomm AND product=sd730_firmware AND version=-

vendor=qualcomm AND product=sd730 AND version=-

AND

vendor=qualcomm AND product=sd765_firmware AND version=-

vendor=qualcomm AND product=sd765 AND version=-

AND

vendor=qualcomm AND product=sd765g_firmware AND version=-

vendor=qualcomm AND product=sd765g AND version=-

AND

vendor=qualcomm AND product=sd768g_firmware AND version=-

vendor=qualcomm AND product=sd768g AND version=-

AND

vendor=qualcomm AND product=sd865_5g_firmware AND version=-

vendor=qualcomm AND product=sd865_5g AND version=-

AND

vendor=qualcomm AND product=sd870_firmware AND version=-

vendor=qualcomm AND product=sd870 AND version=-

AND

vendor=qualcomm AND product=sdx12_firmware AND version=-

vendor=qualcomm AND product=sdx12 AND version=-

AND

vendor=qualcomm AND product=sdx55m_firmware AND version=-

vendor=qualcomm AND product=sdx55m AND version=-

AND

vendor=qualcomm AND product=sdxr1_firmware AND version=-

vendor=qualcomm AND product=sdxr1 AND version=-

AND

vendor=qualcomm AND product=sm7250p_firmware AND version=-

vendor=qualcomm AND product=sm7250p AND version=-

AND

vendor=qualcomm AND product=wcd9326_firmware AND version=-

vendor=qualcomm AND product=wcd9326 AND version=-

AND

vendor=qualcomm AND product=wcd9335_firmware AND version=-

vendor=qualcomm AND product=wcd9335 AND version=-

AND

vendor=qualcomm AND product=wcd9341_firmware AND version=-

vendor=qualcomm AND product=wcd9341 AND version=-

AND

vendor=qualcomm AND product=wcd9370_firmware AND version=-

vendor=qualcomm AND product=wcd9370 AND version=-

AND

vendor=qualcomm AND product=wcd9375_firmware AND version=-

vendor=qualcomm AND product=wcd9375 AND version=-

AND

vendor=qualcomm AND product=wcd9380_firmware AND version=-

vendor=qualcomm AND product=wcd9380 AND version=-

AND

vendor=qualcomm AND product=wcd9385_firmware AND version=-

vendor=qualcomm AND product=wcd9385 AND version=-

AND

vendor=qualcomm AND product=wcn3950_firmware AND version=-

vendor=qualcomm AND product=wcn3950 AND version=-

AND

vendor=qualcomm AND product=wcn3980_firmware AND version=-

vendor=qualcomm AND product=wcn3980 AND version=-

AND

vendor=qualcomm AND product=wcn3988_firmware AND version=-

vendor=qualcomm AND product=wcn3988 AND version=-

AND

vendor=qualcomm AND product=wcn3990_firmware AND version=-

vendor=qualcomm AND product=wcn3990 AND version=-

AND

vendor=qualcomm AND product=wcn3991_firmware AND version=-

vendor=qualcomm AND product=wcn3991 AND version=-

AND

vendor=qualcomm AND product=wcn3998_firmware AND version=-

vendor=qualcomm AND product=wcn3998 AND version=-

AND

vendor=qualcomm AND product=wcn6850_firmware AND version=-

vendor=qualcomm AND product=wcn6850 AND version=-

AND

vendor=qualcomm AND product=wcn6851_firmware AND version=-

vendor=qualcomm AND product=wcn6851 AND version=-

AND

vendor=qualcomm AND product=wsa8810_firmware AND version=-

vendor=qualcomm AND product=wsa8810 AND version=-

AND

vendor=qualcomm AND product=wsa8815_firmware AND version=-

vendor=qualcomm AND product=wsa8815 AND version=-

AND

vendor=qualcomm AND product=wsa8830_firmware AND version=-

vendor=qualcomm AND product=wsa8830 AND version=-

AND

vendor=qualcomm AND product=wsa8835_firmware AND version=-

vendor=qualcomm AND product=wsa8835 AND version=-

Reference

https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin

Keywords

CVE-2021-30309

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-30309

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures