Lucene search

K
cve[email protected]CVE-2021-30305
HistoryOct 20, 2021 - 7:15 a.m.

CVE-2021-30305

2021-10-2007:15:08
CWE-20
web.nvd.nist.gov
57
cve-2021-30305
out of bound access
validation
page offset
snapdragon auto
snapdragon connectivity
snapdragon industrial iot
snapdragon mobile
nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Affected configurations

NVD
Node
qualcommqca6174aMatch-
AND
qualcommqca6174a_firmwareMatch-
Node
qualcommqca6391Match-
AND
qualcommqca6391_firmwareMatch-
Node
qualcommqca6574Match-
AND
qualcommqca6574_firmwareMatch-
Node
qualcommqca6574aMatch-
AND
qualcommqca6574a_firmwareMatch-
Node
qualcommqca6574auMatch-
AND
qualcommqca6574au_firmwareMatch-
Node
qualcommqca6595auMatch-
AND
qualcommqca6595au_firmwareMatch-
Node
qualcommqca6696Match-
AND
qualcommqca6696_firmwareMatch-
Node
qualcommqca9377Match-
AND
qualcommqca9377_firmwareMatch-
Node
qualcommqcm6490_firmwareMatch-
AND
qualcommqcm6490Match-
Node
qualcommqcs6490_firmwareMatch-
AND
qualcommqcs6490Match-
Node
qualcommsa6145p_firmwareMatch-
AND
qualcommsa6145pMatch-
Node
qualcommsa6150p_firmwareMatch-
AND
qualcommsa6150pMatch-
Node
qualcommsa6155_firmwareMatch-
AND
qualcommsa6155Match-
Node
qualcommsa6155p_firmwareMatch-
AND
qualcommsa6155pMatch-
Node
qualcommsa8145p_firmwareMatch-
AND
qualcommsa8145pMatch-
Node
qualcommsa8150p_firmwareMatch-
AND
qualcommsa8150pMatch-
Node
qualcommsa8155_firmwareMatch-
AND
qualcommsa8155Match-
Node
qualcommsa8155p_firmwareMatch-
AND
qualcommsa8155pMatch-
Node
qualcommsa8195p_firmwareMatch-
AND
qualcommsa8195pMatch-
Node
qualcommsd480_firmwareMatch-
AND
qualcommsd480Match-
Node
qualcommsd778g_firmwareMatch-
AND
qualcommsd778gMatch-
Node
qualcommsd780g_firmwareMatch-
AND
qualcommsd780gMatch-
Node
qualcommsd888_5g_firmwareMatch-
AND
qualcommsd888_5gMatch-
Node
qualcommsdx12_firmwareMatch-
AND
qualcommsdx12Match-
Node
qualcommsm7325_firmwareMatch-
AND
qualcommsm7325Match-
Node
qualcommwcd9335_firmwareMatch-
AND
qualcommwcd9335Match-
Node
qualcommwcd9341_firmwareMatch-
AND
qualcommwcd9341Match-
Node
qualcommwcd9370_firmwareMatch-
AND
qualcommwcd9370Match-
Node
qualcommwcd9375_firmwareMatch-
AND
qualcommwcd9375Match-
Node
qualcommwcd9380_firmwareMatch-
AND
qualcommwcd9380Match-
Node
qualcommwcd9385_firmwareMatch-
AND
qualcommwcd9385Match-
Node
qualcommwcn3988_firmwareMatch-
AND
qualcommwcn3988Match-
Node
qualcommwcn3991_firmwareMatch-
AND
qualcommwcn3991Match-
Node
qualcommwcn6740_firmwareMatch-
AND
qualcommwcn6740Match-
Node
qualcommwcn6750_firmwareMatch-
AND
qualcommwcn6750Match-
Node
qualcommwcn6850_firmwareMatch-
AND
qualcommwcn6850Match-
Node
qualcommwcn6851_firmwareMatch-
AND
qualcommwcn6851Match-
Node
qualcommwcn6855_firmwareMatch-
AND
qualcommwcn6855Match-
Node
qualcommwcn6856_firmwareMatch-
AND
qualcommwcn6856Match-
Node
qualcommwsa8830_firmwareMatch-
AND
qualcommwsa8830Match-
Node
qualcommwsa8835_firmwareMatch-
AND
qualcommwsa8835Match-

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "QCA6174A, QCA6391, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA9377, QCM6490, QCS6490, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD480, SD778G, SD780G, SD888 5G, SDX12, SM7325P, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3988, WCN3991, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835"
      }
    ]
  }
]

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

Related for CVE-2021-30305