CVE-2021-1977

Summary

Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & MusicAPQ8009, APQ8017, APQ8053, APQ8064AU, APQ8096AU, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, MDM9150, MDM9206, MDM9250, MDM9607, MDM9626, MDM9628, MDM9650, MSM8953, MSM8996AU, QCA4020, QCA6174A, QCA6175A, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6696, QCA8337, QCA9367, QCA9377, QCA9379, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QRB5165, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD460, SD660, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD820, SD835, SD845, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX12, SDX20, SDX20M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM6250, SM7250P, SM7315, SM7325P, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3615, WCN3660B, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WC ...[truncated*]affected

Weaknesses

  • Buffer Over-read in WLAN

ADP Enrichment

CVE Program Container

Additional References

References