CVE-2021-35101

Improper handling of writes to virtual GICR control can lead to assertion failure in the hypervisor in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.9 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

4.9^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sd_8cx_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_8cx:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sd_8cx_gen2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd_8cx_gen2:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdxr2_5g:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

History

22 Jun 2022, 17:54

Type	Values Removed	Values Added
References	~~(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin -~~	(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin - Vendor Advisory
First Time		Qualcomm sd888 5g Qualcomm qca6426 Qualcomm wsa8810 Firmware Qualcomm wcd9380 Qualcomm sd865 5g Qualcomm qca6391 Qualcomm sdx55m Qualcomm qca6426 Firmware Qualcomm sdx55m Firmware Qualcomm sdxr2 5g Qualcomm wcd9340 Firmware Qualcomm sd 8cx Gen2 Qualcomm sd 8cx Firmware Qualcomm sa8540p Firmware Qualcomm wcd9380 Firmware Qualcomm wcn3998 Qualcomm wcd9340 Qualcomm qca6420 Qualcomm wcd9341 Firmware Qualcomm sa9000p Qualcomm wsa8815 Firmware Qualcomm qca6430 Firmware Qualcomm Qualcomm aqt1000 Firmware Qualcomm aqt1000 Qualcomm qca6436 Qualcomm qca6391 Firmware Qualcomm qca6420 Firmware Qualcomm qca6436 Firmware Qualcomm qca6421 Firmware Qualcomm sd888 5g Firmware Qualcomm wsa8810 Qualcomm sd870 Firmware Qualcomm qca6431 Firmware Qualcomm sd870 Qualcomm sa8540p Qualcomm wcd9341 Qualcomm sdxr2 5g Firmware Qualcomm qca6430 Qualcomm qca6390 Qualcomm sd 8cx Qualcomm sa9000p Firmware Qualcomm sd 8cx Gen2 Firmware Qualcomm qca6431 Qualcomm wcn3998 Firmware Qualcomm sd865 5g Firmware Qualcomm qca6390 Firmware Qualcomm wsa8815 Qualcomm qca6421
CPE		cpe:2.3:o:qualcomm:wcd9340_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6436:-:::::::* cpe:2.3:o:qualcomm:sdx55m_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9340:-:::::::* cpe:2.3:o:qualcomm:sd_8cx_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9341:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:h:qualcomm:sd888_5g:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:aqt1000_firmware:-:::::::* cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6430_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6430:-:::::::* cpe:2.3:h:qualcomm:sd870:-:::::::* cpe:2.3:o:qualcomm:qca6431_firmware:-:::::::* cpe:2.3:h:qualcomm:sd865_5g:-:::::::* cpe:2.3:o:qualcomm:qca6426_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:o:qualcomm:qca6420_firmware:-:::::::* cpe:2.3:h:qualcomm:sd_8cx_gen2:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:h:qualcomm:sdxr2_5g:-:::::::* cpe:2.3:h:qualcomm:qca6421:-:::::::* cpe:2.3:o:qualcomm:sd870_firmware:-:::::::* cpe:2.3:h:qualcomm:sa9000p:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:h:qualcomm:qca6426:-:::::::* cpe:2.3:h:qualcomm:qca6390:-:::::::* cpe:2.3:o:qualcomm:wcd9341_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8540p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6421_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3998:-:::::::* cpe:2.3:h:qualcomm:qca6431:-:::::::* cpe:2.3:o:qualcomm:qca6390_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::* cpe:2.3:o:qualcomm:sd888_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:aqt1000:-:::::::* cpe:2.3:o:qualcomm:sa9000p_firmware:-:::::::* cpe:2.3:h:qualcomm:sa8540p:-:::::::* cpe:2.3:o:qualcomm:qca6436_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6391:-:::::::* cpe:2.3:h:qualcomm:qca6420:-:::::::* cpe:2.3:o:qualcomm:sd865_5g_firmware:-:::::::* cpe:2.3:o:qualcomm:sd_8cx_gen2_firmware:-:::::::* cpe:2.3:h:qualcomm:sd_8cx:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx55m:-:::::::*
CWE		CWE-617
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.9 v3 : 6.5

14 Jun 2022, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-06-14 10:15

Updated : 2023-12-10 14:22

NVD link : CVE-2021-35101

Mitre link : CVE-2021-35101

CVE.ORG link : CVE-2021-35101

JSON object : View

Products Affected

qualcomm

sdxr2_5g
qca6421
qca6420
qca6426
wsa8815_firmware
sa8540p
qca6431
sd870_firmware
qca6421_firmware
aqt1000
sd_8cx_gen2_firmware
qca6420_firmware
qca6391
wcd9340
qca6436_firmware
wsa8810
wcd9341
qca6390_firmware
qca6426_firmware
sd870
sd865_5g_firmware
wcd9380_firmware
wsa8810_firmware
sd_8cx_gen2
qca6431_firmware
sd_8cx_firmware
wcd9380
sa9000p_firmware
qca6391_firmware
wcd9341_firmware
qca6436
wcd9340_firmware
wcn3998
sd888_5g_firmware
wsa8815
qca6430
sd888_5g
qca6430_firmware
aqt1000_firmware
sd_8cx
sd865_5g
sdx55m
wcn3998_firmware
sdxr2_5g_firmware
sdx55m_firmware
sa8540p_firmware
qca6390
sa9000p

CWE

CWE-617

Reachable Assertion

6.5 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

4.9 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2021-35101

6.5^/10

4.9^/10

Attach tags to `CVE-2021-35101`