CVE-2021-35129

Summary

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and NetworkingAR8035, IPQ5010, IPQ5018, IPQ5028, QCA2062, QCA2064, QCA2065, QCA2066, QCA6391, QCA8081, QCA8337, QCC710, QCM6490, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS6490, SD 8 Gen1 5G, SD 8cx Gen3, SD888, SD888 5G, SDX65, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835affected

Weaknesses

  • Buffer Copy Without Checking Size of Input in BT Controller

ADP Enrichment

CVE Program Container

Additional References

References