CVE-2021-35104

Summary

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and NetworkingAPQ8009W, APQ8017, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078A, IPQ8173, IPQ8174, MDM9150, MDM9206, MDM9250, MDM9607, MDM9628, MSM8909W, MSM8996AU, QAM8295P, QCA4024, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6428, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595AU, QCA6696, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9889, QCM2290, QCM4290, QCM6125, QCM6490, QCN5022, QCN5024, QCN5052, QCN5064, QCN5122, QCN5124, QCN5152, QCN5164, QCN5550, QCN9000, QCN9011, QCN9012, QCN9074, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QCX315, QRB5165, QRB5165M, QRB5165N, QSM8250, QSW8573, SA4150P, SA4155P, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SA8295P, SD 675, SD 8 Gen1 5G, S ...[truncated*]affected

Weaknesses

  • Buffer Copy Without Checking Size of Input in Audio

ADP Enrichment

CVE Program Container

Additional References

References