CVE-2021-30261
8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | APQ8009, APQ8009W, APQ8016, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8076, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, PM8937, QCA1990, QCA4020, QCA6174A, QCA9379, QET4101, QSW8573, Qualcomm215, SD205, SD210, SD429, SD439, SD450, SD632, SDW2500, WCD9306, WCD9326, WCD9330, WCD9335, WCD9340, WCN3610, WCN3615, WCN3620, WCN3660, WCN3660B, WCN3680, WCN3680B, WSA8810, WSA8815 | affected |
Weaknesses
- Buffer Copy Without Checking Size of Input in WLAN
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.