CVE-2021-35120
6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | APQ8053, MSM8953, QCA6390, QCA6391, QCA6426, QCA6436, QCM2290, QCM4290, QCS2290, QCS4290, QRB5165, QRB5165M, QRB5165N, SD460, SD662, SD680, SD690 5G, SD750G, SD765, SD765G, SD768G, SD865 5G, SD870, SDX55M, SDXR2 5G, SM7250P, WCD9326, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3991, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835 | affected |
Weaknesses
- Double Free in MM Frameworks
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.