Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto
References
| Link | Resource |
|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
08 Apr 2022, 17:49
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
| References | (CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin - Vendor Advisory | |
| First Time |
Qualcomm qca6696
Qualcomm qca6696 Firmware Qualcomm sa8155p Qualcomm Qualcomm qca6574au Firmware Qualcomm sa8155p Firmware Qualcomm qca6574au |
|
| CPE | cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:* cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* |
|
| CWE | CWE-120 |
01 Apr 2022, 05:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-04-01 05:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-35089
Mitre link : CVE-2021-35089
CVE.ORG link : CVE-2021-35089
JSON object : View
Products Affected
qualcomm
- qca6696
- qca6574au
- sa8155p
- sa8155p_firmware
- qca6696_firmware
- qca6574au_firmware
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')