6.7

CVE-2021-1958

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommQca6574a Firmware Version-
   QualcommQca6574a Version-
QualcommQca6574au Firmware Version-
   QualcommQca6574au Version-
QualcommQca6595 Firmware Version-
   QualcommQca6595 Version-
QualcommQca6595au Firmware Version-
   QualcommQca6595au Version-
QualcommQca6696 Firmware Version-
   QualcommQca6696 Version-
QualcommSa6145p Firmware Version-
   QualcommSa6145p Version-
QualcommSa6150p Firmware Version-
   QualcommSa6150p Version-
QualcommSa6155p Firmware Version-
   QualcommSa6155p Version-
QualcommSa8145p Firmware Version-
   QualcommSa8145p Version-
QualcommSa8150p Firmware Version-
   QualcommSa8150p Version-
QualcommSa8155 Firmware Version-
   QualcommSa8155 Version-
QualcommSa8155p Firmware Version-
   QualcommSa8155p Version-
QualcommSa8195p Firmware Version-
   QualcommSa8195p Version-
QualcommSd480 Firmware Version-
   QualcommSd480 Version-
QualcommSd778g Firmware Version-
   QualcommSd778g Version-
QualcommSd780g Firmware Version-
   QualcommSd780g Version-
QualcommSd888 5g Firmware Version-
   QualcommSd888 5g Version-
QualcommSda429w Firmware Version-
   QualcommSda429w Version-
QualcommSm7325 Firmware Version-
   QualcommSm7325 Version-
QualcommWcd9341 Firmware Version-
   QualcommWcd9341 Version-
QualcommWcd9370 Firmware Version-
   QualcommWcd9370 Version-
QualcommWcd9375 Firmware Version-
   QualcommWcd9375 Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
QualcommWcn3610 Firmware Version-
   QualcommWcn3610 Version-
QualcommWcn3620 Firmware Version-
   QualcommWcn3620 Version-
QualcommWcn3660b Firmware Version-
   QualcommWcn3660b Version-
QualcommWcn3980 Firmware Version-
   QualcommWcn3980 Version-
QualcommWcn3988 Firmware Version-
   QualcommWcn3988 Version-
QualcommWcn3991 Firmware Version-
   QualcommWcn3991 Version-
QualcommWcn6740 Firmware Version-
   QualcommWcn6740 Version-
QualcommWcn6750 Firmware Version-
   QualcommWcn6750 Version-
QualcommWcn6850 Firmware Version-
   QualcommWcn6850 Version-
QualcommWcn6851 Firmware Version-
   QualcommWcn6851 Version-
QualcommWcn6855 Firmware Version-
   QualcommWcn6855 Version-
QualcommWcn6856 Firmware Version-
   QualcommWcn6856 Version-
QualcommWsa8830 Firmware Version-
   QualcommWsa8830 Version-
QualcommWsa8835 Firmware Version-
   QualcommWsa8835 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.079
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 0.5 5.9
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.4 3.4 6.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
product-security@qualcomm.com 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.