CVE-2021-35120

Summary

Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon MobileAPQ8053, MSM8953, QCA6390, QCA6391, QCA6426, QCA6436, QCM2290, QCM4290, QCS2290, QCS4290, QRB5165, QRB5165M, QRB5165N, SD460, SD662, SD680, SD690 5G, SD750G, SD765, SD765G, SD768G, SD865 5G, SD870, SDX55M, SDXR2 5G, SM7250P, WCD9326, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3991, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835affected

Weaknesses

  • Double Free in MM Frameworks

ADP Enrichment

CVE Program Container

Additional References

References