CVE-2021-35074

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 11-02-2022 12:15

Last modified: - 18-02-2022 08:54

Total changes: - 2

Description

Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.8

Base score

1.8

5.9

Exploitability score

Impact score

Verification logic

AND

vendor=qualcomm AND product=ar8035_firmware AND version=-

vendor=qualcomm AND product=ar8035 AND version=-

AND

vendor=qualcomm AND product=qca6174a_firmware AND version=-

vendor=qualcomm AND product=qca6174a AND version=-

AND

vendor=qualcomm AND product=qca6391_firmware AND version=-

vendor=qualcomm AND product=qca6391 AND version=-

AND

vendor=qualcomm AND product=qca6574au_firmware AND version=-

vendor=qualcomm AND product=qca6574au AND version=-

AND

vendor=qualcomm AND product=qca6595au_firmware AND version=-

vendor=qualcomm AND product=qca6595au AND version=-

AND

vendor=qualcomm AND product=qca6696_firmware AND version=-

vendor=qualcomm AND product=qca6696 AND version=-

AND

vendor=qualcomm AND product=qca8081_firmware AND version=-

vendor=qualcomm AND product=qca8081 AND version=-

AND

vendor=qualcomm AND product=qca8337_firmware AND version=-

vendor=qualcomm AND product=qca8337 AND version=-

AND

vendor=qualcomm AND product=qca9377_firmware AND version=-

vendor=qualcomm AND product=qca9377 AND version=-

AND

vendor=qualcomm AND product=qcm6490_firmware AND version=-

vendor=qualcomm AND product=qcm6490 AND version=-

AND

vendor=qualcomm AND product=qcs6490_firmware AND version=-

vendor=qualcomm AND product=qcs6490 AND version=-

AND

vendor=qualcomm AND product=sa6145p_firmware AND version=-

vendor=qualcomm AND product=sa6145p AND version=-

AND

vendor=qualcomm AND product=sa6150p_firmware AND version=-

vendor=qualcomm AND product=sa6150p AND version=-

AND

vendor=qualcomm AND product=sa6155p_firmware AND version=-

vendor=qualcomm AND product=sa6155p AND version=-

AND

vendor=qualcomm AND product=sa8145p_firmware AND version=-

vendor=qualcomm AND product=sa8145p AND version=-

AND

vendor=qualcomm AND product=sa8150p_firmware AND version=-

vendor=qualcomm AND product=sa8150p AND version=-

AND

vendor=qualcomm AND product=sa8155p_firmware AND version=-

vendor=qualcomm AND product=sa8155p AND version=-

AND

vendor=qualcomm AND product=sa8195p_firmware AND version=-

vendor=qualcomm AND product=sa8195p AND version=-

AND

vendor=qualcomm AND product=sd_8_gen1_5g_firmware AND version=-

vendor=qualcomm AND product=sd_8_gen1_5g AND version=-

AND

vendor=qualcomm AND product=sd480_firmware AND version=-

vendor=qualcomm AND product=sd480 AND version=-

AND

vendor=qualcomm AND product=sd888_5g_firmware AND version=-

vendor=qualcomm AND product=sd888_5g AND version=-

AND

vendor=qualcomm AND product=sdx12_firmware AND version=-

vendor=qualcomm AND product=sdx12 AND version=-

AND

vendor=qualcomm AND product=sdx65_firmware AND version=-

vendor=qualcomm AND product=sdx65 AND version=-

AND

vendor=qualcomm AND product=sm6375_firmware AND version=-

vendor=qualcomm AND product=sm6375 AND version=-

AND

vendor=qualcomm AND product=wcd9335_firmware AND version=-

vendor=qualcomm AND product=wcd9335 AND version=-

AND

vendor=qualcomm AND product=wcd9370_firmware AND version=-

vendor=qualcomm AND product=wcd9370 AND version=-

AND

vendor=qualcomm AND product=wcd9375_firmware AND version=-

vendor=qualcomm AND product=wcd9375 AND version=-

AND

vendor=qualcomm AND product=wcd9380_firmware AND version=-

vendor=qualcomm AND product=wcd9380 AND version=-

AND

vendor=qualcomm AND product=wcd9385_firmware AND version=-

vendor=qualcomm AND product=wcd9385 AND version=-

AND

vendor=qualcomm AND product=wcn3988_firmware AND version=-

vendor=qualcomm AND product=wcn3988 AND version=-

AND

vendor=qualcomm AND product=wcn3991_firmware AND version=-

vendor=qualcomm AND product=wcn3991 AND version=-

AND

vendor=qualcomm AND product=wcn3998_firmware AND version=-

vendor=qualcomm AND product=wcn3998 AND version=-

AND

vendor=qualcomm AND product=wcn6750_firmware AND version=-

vendor=qualcomm AND product=wcn6750 AND version=-

AND

vendor=qualcomm AND product=wcn6850_firmware AND version=-

vendor=qualcomm AND product=wcn6850 AND version=-

AND

vendor=qualcomm AND product=wcn6851_firmware AND version=-

vendor=qualcomm AND product=wcn6851 AND version=-

AND

vendor=qualcomm AND product=wcn6855_firmware AND version=-

vendor=qualcomm AND product=wcn6855 AND version=-

AND

vendor=qualcomm AND product=wcn6856_firmware AND version=-

vendor=qualcomm AND product=wcn6856 AND version=-

AND

vendor=qualcomm AND product=wsa8810_firmware AND version=-

vendor=qualcomm AND product=wsa8810 AND version=-

AND

vendor=qualcomm AND product=wsa8815_firmware AND version=-

vendor=qualcomm AND product=wsa8815 AND version=-

AND

vendor=qualcomm AND product=wsa8830_firmware AND version=-

vendor=qualcomm AND product=wsa8830 AND version=-

AND

vendor=qualcomm AND product=wsa8835_firmware AND version=-

vendor=qualcomm AND product=wsa8835 AND version=-

Reference

https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin

Keywords

CVE-2021-35074

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-35074

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures