CVE-2021-35123

Summary

Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Connectivity, Snapdragon Industrial IOTAQT1000, QCA6390, QCA6391, SD 8 Gen1 5G, SD480, SD660, SD778G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDX55M, SM6375, SM7325P, WCD9335, WCD9370, WCD9375, WCD9380, WCD9385, WCN3980, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835affected

Weaknesses

  • Buffer Copy Without Checking Size of Input in Bluetooth HOST

ADP Enrichment

CVE Program Container

Additional References

References