CVE-2021-35115

EPSS 0.04%
Veröffentlicht 01.04.2022 05:15:07
Zuletzt bearbeitet 21.11.2024 06:11:56
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Apq8096au Firmware Version-

Qualcomm ≫ Apq8096au Version-

Qualcomm ≫ Ar6003 Firmware Version-

Qualcomm ≫ Ar6003 Version-

Qualcomm ≫ Mdm8215 Firmware Version-

Qualcomm ≫ Mdm8215 Version-

Qualcomm ≫ Mdm8215m Firmware Version-

Qualcomm ≫ Mdm8215m Version-

Qualcomm ≫ Mdm8615m Firmware Version-

Qualcomm ≫ Mdm8615m Version-

Qualcomm ≫ Mdm9215 Firmware Version-

Qualcomm ≫ Mdm9215 Version-

Qualcomm ≫ Mdm9310 Firmware Version-

Qualcomm ≫ Mdm9310 Version-

Qualcomm ≫ Mdm9615 Firmware Version-

Qualcomm ≫ Mdm9615 Version-

Qualcomm ≫ Mdm9615m Firmware Version-

Qualcomm ≫ Mdm9615m Version-

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Qca6564a Firmware Version-

Qualcomm ≫ Qca6564a Version-

Qualcomm ≫ Qca6564au Firmware Version-

Qualcomm ≫ Qca6564au Version-

Qualcomm ≫ Qca6574a Firmware Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Firmware Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6584au Firmware Version-

Qualcomm ≫ Qca6584au Version-

Qualcomm ≫ Qca6696 Firmware Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Sa6145p Firmware Version-

Qualcomm ≫ Sa6145p Version-

Qualcomm ≫ Sa6150p Firmware Version-

Qualcomm ≫ Sa6150p Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8145p Firmware Version-

Qualcomm ≫ Sa8145p Version-

Qualcomm ≫ Sa8150p Firmware Version-

Qualcomm ≫ Sa8150p Version-

Qualcomm ≫ Sa8155p Firmware Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa8195p Firmware Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sa8540p Firmware Version-

Qualcomm ≫ Sa8540p Version-

Qualcomm ≫ Sa9000p Firmware Version-

Qualcomm ≫ Sa9000p Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Wcd9341 Firmware Version-

Qualcomm ≫ Wcd9341 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.131

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
product-security@qualcomm.com	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-35115

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-35115

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-35115

EUVD