8.4
CVE-2021-30290
- EPSS 0.09%
- Published 09.09.2021 08:15:27
- Last modified 21.11.2024 06:03:42
- Source product-security@qualcomm.com
- Teams watchlist Login
- Open Login
Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Data is provided by the National Vulnerability Database (NVD)
Qualcomm ≫ Qca6174a Firmware Version-
Qualcomm ≫ Qca6574 Firmware Version-
Qualcomm ≫ Qca6574a Firmware Version-
Qualcomm ≫ Qca6574au Firmware Version-
Qualcomm ≫ Qca6595au Firmware Version-
Qualcomm ≫ Qca6696 Firmware Version-
Qualcomm ≫ Qca9377 Firmware Version-
Qualcomm ≫ Qcm6490 Firmware Version-
Qualcomm ≫ Qcs6490 Firmware Version-
Qualcomm ≫ Sa6145p Firmware Version-
Qualcomm ≫ Sa6150p Firmware Version-
Qualcomm ≫ Sa6155 Firmware Version-
Qualcomm ≫ Sa6155p Firmware Version-
Qualcomm ≫ Sa8145p Firmware Version-
Qualcomm ≫ Sa8150p Firmware Version-
Qualcomm ≫ Sa8155 Firmware Version-
Qualcomm ≫ Sa8155p Firmware Version-
Qualcomm ≫ Sa8195p Firmware Version-
Qualcomm ≫ Sd480 Firmware Version-
Qualcomm ≫ Sd778g Firmware Version-
Qualcomm ≫ Sd780g Firmware Version-
Qualcomm ≫ Sd888 Firmware Version-
Qualcomm ≫ Sd888 5g Firmware Version-
Qualcomm ≫ Sdx12 Firmware Version-
Qualcomm ≫ Sm7325 Firmware Version-
Qualcomm ≫ Wcd9335 Firmware Version-
Qualcomm ≫ Wcd9341 Firmware Version-
Qualcomm ≫ Wcd9370 Firmware Version-
Qualcomm ≫ Wcd9375 Firmware Version-
Qualcomm ≫ Wcd9380 Firmware Version-
Qualcomm ≫ Wcd9385 Firmware Version-
Qualcomm ≫ Wcn3988 Firmware Version-
Qualcomm ≫ Wcn3991 Firmware Version-
Qualcomm ≫ Wcn6740 Firmware Version-
Qualcomm ≫ Wcn6750 Firmware Version-
Qualcomm ≫ Wcn6850 Firmware Version-
Qualcomm ≫ Wcn6851 Firmware Version-
Qualcomm ≫ Wcn6855 Firmware Version-
Qualcomm ≫ Wcn6856 Firmware Version-
Qualcomm ≫ Wsa8830 Firmware Version-
Qualcomm ≫ Wsa8835 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.218 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.4 | 3.4 | 6.4 |
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
| product-security@qualcomm.com | 8.4 | 2.5 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.