7.8

CVE-2021-35129

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Data is provided by the National Vulnerability Database (NVD)
QualcommAr8035 Firmware Version-
   QualcommAr8035 Version-
QualcommIpq5010 Firmware Version-
   QualcommIpq5010 Version-
QualcommIpq5018 Firmware Version-
   QualcommIpq5018 Version-
QualcommIpq5028 Firmware Version-
   QualcommIpq5028 Version-
QualcommQca2062 Firmware Version-
   QualcommQca2062 Version-
QualcommQca2064 Firmware Version-
   QualcommQca2064 Version-
QualcommQca2065 Firmware Version-
   QualcommQca2065 Version-
QualcommQca2066 Firmware Version-
   QualcommQca2066 Version-
QualcommQca6391 Firmware Version-
   QualcommQca6391 Version-
QualcommQca8081 Firmware Version-
   QualcommQca8081 Version-
QualcommQca8337 Firmware Version-
   QualcommQca8337 Version-
QualcommQcc710 Firmware Version-
   QualcommQcc710 Version-
QualcommQcm6490 Firmware Version-
   QualcommQcm6490 Version-
QualcommQcn6023 Firmware Version-
   QualcommQcn6023 Version-
QualcommQcn6024 Firmware Version-
   QualcommQcn6024 Version-
QualcommQcn6100 Firmware Version-
   QualcommQcn6100 Version-
QualcommQcn6102 Firmware Version-
   QualcommQcn6102 Version-
QualcommQcn6112 Firmware Version-
   QualcommQcn6112 Version-
QualcommQcn6122 Firmware Version-
   QualcommQcn6122 Version-
QualcommQcn6132 Firmware Version-
   QualcommQcn6132 Version-
QualcommQcn9000 Firmware Version-
   QualcommQcn9000 Version-
QualcommQcn9012 Firmware Version-
   QualcommQcn9012 Version-
QualcommQcn9022 Firmware Version-
   QualcommQcn9022 Version-
QualcommQcn9024 Firmware Version-
   QualcommQcn9024 Version-
QualcommQcn9070 Firmware Version-
   QualcommQcn9070 Version-
QualcommQcn9072 Firmware Version-
   QualcommQcn9072 Version-
QualcommQcn9074 Firmware Version-
   QualcommQcn9074 Version-
QualcommQcn9100 Firmware Version-
   QualcommQcn9100 Version-
QualcommQcs6490 Firmware Version-
   QualcommQcs6490 Version-
QualcommSd 8 Gen1 5g Firmware Version-
   QualcommSm8475 Version-
QualcommSd 8cx Gen3 Firmware Version-
   QualcommSd 8cx Gen3 Version-
QualcommSd888 Firmware Version-
   QualcommSd888 Version-
QualcommSd888 5g Firmware Version-
   QualcommSd888 5g Version-
QualcommSdx65 Firmware Version-
   QualcommSdx65 Version-
QualcommWcd9370 Firmware Version-
   QualcommWcd9370 Version-
QualcommWcd9375 Firmware Version-
   QualcommWcd9375 Version-
QualcommWcd9380 Firmware Version-
   QualcommWcd9380 Version-
QualcommWcd9385 Firmware Version-
   QualcommWcd9385 Version-
QualcommWcn6750 Firmware Version-
   QualcommWcn6750 Version-
QualcommWcn6850 Firmware Version-
   QualcommWcn6850 Version-
QualcommWcn6851 Firmware Version-
   QualcommWcn6851 Version-
QualcommWcn6855 Firmware Version-
   QualcommWcn6855 Version-
QualcommWcn6856 Firmware Version-
   QualcommWcn6856 Version-
QualcommWsa8830 Firmware Version-
   QualcommWsa8830 Version-
QualcommWsa8835 Firmware Version-
   QualcommWsa8835 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.11% 0.302
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
product-security@qualcomm.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.