CVE-2021-30317
9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, MDM9150, MDM9250, MDM9650, QCA6174A, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8337, QCA9377, QCA9984, QCM2290, QCM4290, QCM6125, QCM6490, QCN7605, QCN7606, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, SA415M, SA515M, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SD 675, SD 8cx Gen2, SD460, SD480, SD660, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX12, SDX24, SDX55, SDX55M, SDXR1, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, SM7315, SM7325P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835 | affected |
Weaknesses
- Improper Authentication in Kernel
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.