8.4

CVE-2021-1912

Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Data is provided by the National Vulnerability Database (NVD)
QualcommAqt1000 Firmware Version-
   QualcommAqt1000 Version-
QualcommAr8035 Firmware Version-
   QualcommAr8035 Version-
QualcommCsrb31024 Firmware Version-
   QualcommCsrb31024 Version-
QualcommQca6174a Firmware Version-
   QualcommQca6174a Version-
QualcommQca6390 Firmware Version-
   QualcommQca6390 Version-
QualcommQca6391 Firmware Version-
   QualcommQca6391 Version-
QualcommQca6420 Firmware Version-
   QualcommQca6420 Version-
QualcommQca6421 Firmware Version-
   QualcommQca6421 Version-
QualcommQca6426 Firmware Version-
   QualcommQca6426 Version-
QualcommQca6430 Firmware Version-
   QualcommQca6430 Version-
QualcommQca6431 Firmware Version-
   QualcommQca6431 Version-
QualcommQca6436 Firmware Version-
   QualcommQca6436 Version-
QualcommQca6564au Firmware Version-
   QualcommQca6564au Version-
QualcommQca6574a Firmware Version-
   QualcommQca6574a Version-
QualcommQca6574au Firmware Version-
   QualcommQca6574au Version-
QualcommQca6584au Firmware Version-
   QualcommQca6584au Version-
QualcommQca6595au Firmware Version-
   QualcommQca6595au Version-
QualcommQca6696 Firmware Version-
   QualcommQca6696 Version-
QualcommQca8337 Firmware Version-
   QualcommQca8337 Version-
QualcommQca9377 Firmware Version-
   QualcommQca9377 Version-
QualcommQcx315 Firmware Version-
   QualcommQcx315 Version-
QualcommSa415m Firmware Version-
   QualcommSa415m Version-
QualcommSa515m Firmware Version-
   QualcommSa515m Version-
QualcommSd 8c Firmware Version-
   QualcommSd 8c Version-
QualcommSd 8cx Firmware Version-
   QualcommSd 8cx Version-
QualcommSd855 Firmware Version-
   QualcommSd855 Version-
QualcommSd865 5g Firmware Version-
   QualcommSd865 5g Version-
QualcommSd870 Firmware Version-
   QualcommSd870 Version-
QualcommSdx24 Firmware Version-
   QualcommSdx24 Version-
QualcommSdx55 Firmware Version-
   QualcommSdx55 Version-
QualcommSdx55m Firmware Version-
   QualcommSdx55m Version-
QualcommSdxr2 5g Firmware Version-
   QualcommSdxr2 5g Version-
QualcommWcd9340 Firmware Version-
   QualcommWcd9340 Version-
QualcommWcd9341 Firmware Version-
   QualcommWcd9341 Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
QualcommWcn3998 Firmware Version-
   QualcommWcn3998 Version-
QualcommWcn6750 Firmware Version-
   QualcommWcn6750 Version-
QualcommWcn6850 Firmware Version-
   QualcommWcn6850 Version-
QualcommWcn6851 Firmware Version-
   QualcommWcn6851 Version-
QualcommWsa8810 Firmware Version-
   QualcommWsa8810 Version-
QualcommWsa8815 Firmware Version-
   QualcommWsa8815 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.06
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
product-security@qualcomm.com 8.4 2.5 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.