CVE-2021-30263

EPSS 0.04%
Veröffentlicht 12.11.2021 07:15:07
Zuletzt bearbeitet 21.11.2024 06:03:36
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Aqt1000 Firmware Version-

Qualcomm ≫ Aqt1000 Version-

Qualcomm ≫ Ar8031 Firmware Version-

Qualcomm ≫ Ar8031 Version-

Qualcomm ≫ Ar8035 Firmware Version-

Qualcomm ≫ Ar8035 Version-

Qualcomm ≫ Csra6620 Firmware Version-

Qualcomm ≫ Csra6620 Version-

Qualcomm ≫ Csra6640 Firmware Version-

Qualcomm ≫ Csra6640 Version-

Qualcomm ≫ Qca6391 Firmware Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6420 Firmware Version-

Qualcomm ≫ Qca6420 Version-

Qualcomm ≫ Qca6430 Firmware Version-

Qualcomm ≫ Qca6430 Version-

Qualcomm ≫ Qca8337 Firmware Version-

Qualcomm ≫ Qca8337 Version-

Qualcomm ≫ Qcm6125 Firmware Version-

Qualcomm ≫ Qcm6125 Version-

Qualcomm ≫ Qcs405 Firmware Version-

Qualcomm ≫ Qcs405 Version-

Qualcomm ≫ Qcs6125 Firmware Version-

Qualcomm ≫ Qcs6125 Version-

Qualcomm ≫ Sd 8c Firmware Version-

Qualcomm ≫ Sd 8c Version-

Qualcomm ≫ Sd 8cx Firmware Version-

Qualcomm ≫ Sd 8cx Version-

Qualcomm ≫ Sd855 Firmware Version-

Qualcomm ≫ Sd855 Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Wcd9335 Firmware Version-

Qualcomm ≫ Wcd9335 Version-

Qualcomm ≫ Wcd9340 Firmware Version-

Qualcomm ≫ Wcd9340 Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Firmware Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcn3950 Firmware Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcn3980 Firmware Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3998 Firmware Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wcn3999 Firmware Version-

Qualcomm ≫ Wcn3999 Version-

Qualcomm ≫ Wsa8810 Firmware Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Firmware Version-

Qualcomm ≫ Wsa8815 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P
product-security@qualcomm.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-30263

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-30263

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-30263

EUVD