CVE-2021-1897

Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CVSS v3 4.6 MEDIUM
CVSS v2.0 2.1 LOW

4.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 3.6

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:apq8009w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qualcomm215:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_675:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd675:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd678:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd720g:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd730:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6250:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

History

15 Jul 2021, 18:49

Type	Values Removed	Values Added
CPE		cpe:2.3:h:qualcomm:sm6250:-:::::::* cpe:2.3:h:qualcomm:sd675:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:o:qualcomm:sd730_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3620_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3660b_firmware:-:::::::* cpe:2.3:h:qualcomm:sd_675:-:::::::* cpe:2.3:o:qualcomm:wcn3680_firmware:-:::::::* cpe:2.3:h:qualcomm:sd205:-:::::::* cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::* cpe:2.3:o:qualcomm:msm8909w_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3615_firmware:-:::::::* cpe:2.3:o:qualcomm:sd675_firmware:-:::::::* cpe:2.3:h:qualcomm:qca9367:-:::::::* cpe:2.3:h:qualcomm:apq8009:-:::::::* cpe:2.3:o:qualcomm:sd210_firmware:-:::::::* cpe:2.3:h:qualcomm:mdm9206:-:::::::* cpe:2.3:o:qualcomm:qca9367_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3950:-:::::::* cpe:2.3:h:qualcomm:qca6420:-:::::::* cpe:2.3:h:qualcomm:wcn3991:-:::::::* cpe:2.3:h:qualcomm:sda429w:-:::::::* cpe:2.3:o:qualcomm:apq8009_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::* cpe:2.3:h:qualcomm:sd730:-:::::::* cpe:2.3:o:qualcomm:sd_675_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3680b:-:::::::* cpe:2.3:o:qualcomm:wcd9340_firmware:-:::::::* cpe:2.3:o:qualcomm:sdx50m_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3620:-:::::::* cpe:2.3:h:qualcomm:sd210:-:::::::* cpe:2.3:o:qualcomm:wcn3991_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6430:-:::::::* cpe:2.3:o:qualcomm:wcd9330_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3980_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9375:-:::::::* cpe:2.3:h:qualcomm:sdx50m:-:::::::* cpe:2.3:o:qualcomm:wcn3610_firmware:-:::::::* cpe:2.3:h:qualcomm:qualcomm215:-:::::::* cpe:2.3:o:qualcomm:qualcomm215_firmware:-:::::::* cpe:2.3:h:qualcomm:msm8909w:-:::::::* cpe:2.3:h:qualcomm:wcn3988:-:::::::* cpe:2.3:h:qualcomm:wcn3680:-:::::::* cpe:2.3:h:qualcomm:apq8053:-:::::::* cpe:2.3:o:qualcomm:apq8053_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9341:-:::::::* cpe:2.3:o:qualcomm:sd205_firmware:-:::::::* cpe:2.3:h:qualcomm:sd855:-:::::::* cpe:2.3:h:qualcomm:wcn3610:-:::::::* cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::* cpe:2.3:o:qualcomm:sda429w_firmware:-:::::::* cpe:2.3:o:qualcomm:sd855_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3950_firmware:-:::::::* cpe:2.3:o:qualcomm:mdm9206_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3980:-:::::::* cpe:2.3:h:qualcomm:wcn3615:-:::::::* cpe:2.3:h:qualcomm:apq8009w:-:::::::* cpe:2.3:o:qualcomm:apq8009w_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx55:-:::::::* cpe:2.3:o:qualcomm:sd678_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3680b_firmware:-:::::::* cpe:2.3:o:qualcomm:sdx55_firmware:-:::::::* cpe:2.3:o:qualcomm:sm6250_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9340:-:::::::* cpe:2.3:o:qualcomm:sd720g_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:o:qualcomm:sdx55m_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx55m:-:::::::* cpe:2.3:h:qualcomm:wcd9330:-:::::::* cpe:2.3:h:qualcomm:sd678:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:o:qualcomm:qca6430_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9326_firmware:-:::::::* cpe:2.3:o:qualcomm:aqt1000_firmware:-:::::::* cpe:2.3:h:qualcomm:qca9377:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:h:qualcomm:aqt1000:-:::::::* cpe:2.3:h:qualcomm:sd720g:-:::::::* cpe:2.3:o:qualcomm:qca6420_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3998:-:::::::* cpe:2.3:o:qualcomm:qca9377_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3660b:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9326:-:::::::*
References	~~(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin -~~	(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin - Patch, Vendor Advisory
CWE		CWE-125
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 2.1 v3 : 4.6

13 Jul 2021, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-07-13 06:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-1897

Mitre link : CVE-2021-1897

CVE.ORG link : CVE-2021-1897

JSON object : View

Products Affected

qualcomm

sdx55_firmware
sd210
qca9377
apq8053
sd205_firmware
wcn3680
apq8009_firmware
sdx55m
apq8009
sda429w_firmware
wcd9341_firmware
wcn3660b_firmware
wcn3998
wcn3610
wcn3615
qca9377_firmware
aqt1000
qca6430
wcn3950
sd678
wcd9341
sd_675_firmware
sd675
sd_675
wcd9380_firmware
qualcomm215
wcd9375
wcd9326_firmware
msm8909w_firmware
sdx50m
qca6420_firmware
wcn3680b
qca9367
msm8909w
wcn3988_firmware
mdm9206
apq8009w_firmware
apq8009w
aqt1000_firmware
wcn3991_firmware
wcd9330_firmware
mdm9206_firmware
wsa8810_firmware
wcn3610_firmware
sd678_firmware
apq8053_firmware
sd730
sda429w
sdx50m_firmware
wcn3998_firmware
wcn3680_firmware
wcn3988
wcd9340
wcd9380
sd720g_firmware
sm6250_firmware
wcn3680b_firmware
wcn3620
wcn3980_firmware
qualcomm215_firmware
wcd9340_firmware
wcn3660b
wcn3615_firmware
sd205
wcd9370_firmware
qca6420
wcn3980
sdx55
wcd9330
wcd9326
wcd9375_firmware
wcn3991
wcd9370
wcn3950_firmware
wsa8810
sd730_firmware
sd720g
sd210_firmware
qca9367_firmware
wcn3620_firmware
wsa8815_firmware
sdx55m_firmware
sd855_firmware
sd855
qca6430_firmware
wsa8815
sm6250
sd675_firmware

CWE

CWE-125

Out-of-bounds Read

4.6 /10

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2021-1897

4.6^/10

2.1^/10

Attach tags to `CVE-2021-1897`