CVE-2021-1970

CVE-2021-1970 relates to an out-of-bounds read in Qualcomm WLAN/Qualcomm Snapdragon subsystems caused by insufficient length checks for FT sub-elements. Affected products include Snapdragon Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Voice & Music lineages and WLAN components. Th...

CVE-2021-1970

Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

CVE-2021-1965

CVE-2021-1965 describes a buffer overflow in Qualcomm WLAN/MBSSID handling caused by missing parameter length checks during MBSSID scan IE parsing in Snapdragon components (Auto/Compute/Connectivity/Mobile/Wired). The NVD/Red Hat entries rate it Critical (CVSSv3.1: 9.8, Network, No privileges, Us...

CVE-2021-1964

CVE-2021-1964 corresponds to a buffer over-read in Qualcomm WLAN/IEEE 802.11 beacon parsing due to improper validation of IE size in the WLAN host subsystem. Affected are Qualcomm Snapdragon/WLAN components (e.g., QCA6574AU and related chips) across multiple Snapdragon device families. Root cause...

CVE-2021-1955

CVE-2021-1955 describes a Denial of Service in Qualcomm’s Snapdragon stack caused by improper handling of connections when an association is rejected. The issue affects Snapdragon Auto/Compute/Connectivity and related Snapdragon lines (IoT, Wearables, Mobile, etc.). Root cause: mishandling of con...

CVE-2021-1954

Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

CVE-2021-1954

The CVE-2021-1954 issue is a buffer over-read in Qualcomm’s Snapdragon family (parsing FILS indication IE) caused by improper validation of the data pointer. Affects Qualcomm/ Snapdragon components; CVSS v3.1 indicates high severity (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) with network lead and high...

CVE-2021-1945

Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...

CVE-2021-1943

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

CVE-2021-1943

CVE-2021-1943 describes a buffer out-of-bounds read due to improper TBTT count/length validation when parsing beacon responses in Qualcomm Snapdragon WLAN components across Snapdragon Auto, Compute, Connectivity, Industrial IOT, Mobile, and Wired Infrastructure and Networking. The vulnerability d...

CVE-2021-1938

Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2021-1938

CVE-2021-1938 concerns a Qualcomm/Snapdragon issue involving an assertion caused by improper verification when creating and deleting a peer across multiple Snapdragon subsystems (Auto, Compute, Connectivity, etc.). The root cause is described as improper verification during peer creation/deletion...

CVE-2021-1931

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

CVE-2021-1931

CVE-2021-1931 is a buffer overflow in Qualcomm SDM660 bootloader processing of fastboot/flash data. The exploit arose from improper handling of large payloads in the bootloader’s flash: command, enabling memory corruption that could bypass signature checks and unlock the bootloader on SDM660 devi...

CVE-2021-1907

CVE-2021-1907 is a buffer overflow vulnerability caused by a missing length check in BA requests in Qualcomm Snapdragon platforms (Snapdragon Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile). The issue affects Qualcomm‑based Snapdragon components and is described in Qualcomm’s July 2...

CVE-2021-1896

Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity...

CVE-2021-1896

The CVE-2021-1896 entry concerns Qualcomm Qualcomm Snapdragon components (Compute and Connectivity) with a weak WLAN configuration that could forward unencrypted packets between peers. Available sources from NVD and Red Hat, PRION, PT Security and others indicate the vulnerability affects Snapdra...

CVE-2021-1890

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-1890

CVE-2021-1890 is a Qualcomm/ Snapdragon-specific vulnerability: an improper length check of the RSA public exponent in the RSA import key function can cause memory corruption. Affected platforms include Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, IoT, Voice & Music, and ...

CVE-2021-1889

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...