CVE-2021-30318

Summary

Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon WearablesAPQ8009W, APQ8017, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM9150, MDM9206, MDM9250, MDM9607, MDM9628, MSM8909W, MSM8996AU, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9367, QCA9377, QCM2290, QCM4290, QCM6125, QCM6490, QCN9011, QCN9012, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCS8155, QCX315, QRB5165, QRB5165M, QRB5165N, QSW8573, Qualcomm215, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD205, SD210, SD429, SD439, SD460, SD480, SD660, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDM429W, SDW2500, SDX12, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, SM7315, SM7325P, WCD9330, WCD ...[truncated*]affected

Weaknesses

  • Buffer Copy Without Checking Size of Input in Automotive Linux Platform

ADP Enrichment

CVE Program Container

Additional References

References