CVE-2021-30309

Summary

Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon MobileMDM9650, QCA6174A, QCA6390, QCA6391, QCA9377, QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SD660, SD665, SD690 5G, SD730, SD765, SD765G, SD768G, SD865 5G, SD870, SDX12, SDX55M, SDXR1, SM7250P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835affected

Weaknesses

  • Buffer Copy Without Checking Size of Input in Modem

ADP Enrichment

CVE Program Container

Additional References

References