CVE-2021-30309

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-30309
Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd665:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:sdx12_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx12:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:sdxr1_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdxr1:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2022-02-11 11:15

Updated : 2024-02-28 19:09

NVD link : CVE-2021-30309

Mitre link : CVE-2021-30309

CVE.ORG link : CVE-2021-30309

JSON object : View

Products Affected

qualcomm

  • sd870_firmware
  • wcn3998
  • sd865_5g_firmware
  • wcd9326_firmware
  • sd730_firmware
  • mdm9650
  • wcd9375
  • qca9377
  • qcs605
  • wcn3950_firmware
  • wcn3998_firmware
  • sdx12_firmware
  • wcn3990
  • qcs410_firmware
  • qca6174a
  • sd768g
  • qcs603
  • wcd9385
  • wsa8835_firmware
  • sd765g
  • qca6391_firmware
  • wcn3990_firmware
  • wsa8835
  • sd690_5g_firmware
  • wcn3980_firmware
  • sd730
  • wcd9341_firmware
  • wsa8810
  • qca9377_firmware
  • qcs605_firmware
  • wcd9370
  • wcn3988
  • sdx55m
  • qcs6125_firmware
  • wcn6850_firmware
  • wcd9375_firmware
  • sd870
  • sd765
  • wcn6851
  • qca6174a_firmware
  • qcs603_firmware
  • wsa8815_firmware
  • wcd9326
  • sd690_5g
  • wsa8815
  • wcd9341
  • qcs410
  • wsa8830
  • wcn3991_firmware
  • sd765_firmware
  • sd660_firmware
  • wcn3950
  • wcd9370_firmware
  • qca6390
  • sd768g_firmware
  • wcn6850
  • wcn3980
  • wcn6851_firmware
  • sdxr1_firmware
  • sm7250p
  • sd865_5g
  • mdm9650_firmware
  • sd665_firmware
  • sd765g_firmware
  • qcs610
  • sd665
  • wcd9385_firmware
  • sm7250p_firmware
  • sdx12
  • qcs6125
  • qcm6125_firmware
  • wcd9380
  • sdxr1
  • wcn3988_firmware
  • sd660
  • wcd9335_firmware
  • wcd9380_firmware
  • qcs610_firmware
  • wcn3991
  • wcd9335
  • qca6390_firmware
  • wsa8830_firmware
  • sdx55m_firmware
  • wsa8810_firmware
  • qca6391
  • qcm6125
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')