CVE-2021-30291 : Possible memory corruption due to lack of validation of client data used for mem

Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Published 2021-10-20 07:15:09

Updated 2021-10-26 18:42:02

Source Qualcomm, Inc.

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2021-30291

Qualcomm » Sdm630 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdm630 » Version: N/A
Qualcomm » Apq8096au Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8096au » Version: N/A
Qualcomm » Msm8996au Firmware » Version: N/A
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Msm8996au » Version: N/A
Qualcomm » Qca6574au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574au » Version: N/A
Qualcomm » Msm8917 Firmware » Version: N/A
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Msm8917 » Version: N/A
Qualcomm » Sd210 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd210 » Version: N/A
Qualcomm » Sd205 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd205_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd205 » Version: N/A
Qualcomm » Sd 636 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd_636_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd 636 » Version: N/A
Qualcomm » Qcs605 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs605 » Version: N/A
Qualcomm » Sd 675 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd_675_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd 675 » Version: N/A
Qualcomm » Sd855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd855 » Version: N/A
Qualcomm » Apq8017 Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8017 » Version: N/A
Qualcomm » Apq8053 Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8053 » Version: N/A
Qualcomm » Sdx55 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx55 » Version: N/A
Qualcomm » Msm8953 Firmware » Version: N/A
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Msm8953 » Version: N/A
Qualcomm » Qca6390 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6390 » Version: N/A
Qualcomm » Aqt1000 Firmware » Version: N/A
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Aqt1000 » Version: N/A
Qualcomm » Qca6310 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6310 » Version: N/A
Qualcomm » Qca6335 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6335 » Version: N/A
Qualcomm » Qca6391 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6391 » Version: N/A
Qualcomm » Qca6420 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6420 » Version: N/A
Qualcomm » Qca6430 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6430 » Version: N/A
Qualcomm » Wcn3998 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3998 » Version: N/A
Qualcomm » Wcn6850 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6850 » Version: N/A
Qualcomm » Wcn6851 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6851 » Version: N/A
Qualcomm » Wcn6855 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6855 » Version: N/A
Qualcomm » Wcn6856 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6856 » Version: N/A
Qualcomm » Apq8064au Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8064au » Version: N/A
Qualcomm » Qcm4290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcm4290 » Version: N/A
Qualcomm » Qcs4290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs4290 » Version: N/A
Qualcomm » Qcs603 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs603 » Version: N/A
Qualcomm » Sdx50m Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx50m » Version: N/A
Qualcomm » Sdx55m Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx55m » Version: N/A
Qualcomm » Sm6250 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm6250_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm6250 » Version: N/A
Qualcomm » Sm7250 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm7250_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm7250 » Version: N/A
Qualcomm » Qcm6125 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcm6125 » Version: N/A
Qualcomm » Qcs6125 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs6125 » Version: N/A
Qualcomm » Sm6250p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm6250p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm6250p » Version: N/A
Qualcomm » Sm4125 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm4125 » Version: N/A
Qualcomm » Qca6320 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6320 » Version: N/A
Qualcomm » Qca6426 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6426 » Version: N/A
Qualcomm » Qca6436 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6436 » Version: N/A
Qualcomm » Qca6564a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6564a » Version: N/A
Qualcomm » Qca6564au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6564au » Version: N/A
Qualcomm » Qca6574a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574a » Version: N/A
Qualcomm » Sd 455 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd_455_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd 455 » Version: N/A
Qualcomm » Sd460 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd460 » Version: N/A
Qualcomm » Sd662 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd662 » Version: N/A
Qualcomm » Sd665 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd665 » Version: N/A
Qualcomm » Sd675 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd675_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd675 » Version: N/A
Qualcomm » Sd690 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd690 5g » Version: N/A
Qualcomm » Sd720g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd720g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd720g » Version: N/A
Qualcomm » Sd730 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd730_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd730 » Version: N/A
Qualcomm » Sd750g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd750g » Version: N/A
Qualcomm » Sd765 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd765 » Version: N/A
Qualcomm » Sd765g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd765g » Version: N/A
Qualcomm » Sd768g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd768g » Version: N/A
Qualcomm » Sd865 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd865 5g » Version: N/A
Qualcomm » Sd888 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd888 5g » Version: N/A
Qualcomm » Sdxr1 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdxr1_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdxr1 » Version: N/A
Qualcomm » Sdxr2 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdxr2_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdxr2 5g » Version: N/A
Qualcomm » Wcd9370 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9370 » Version: N/A
Qualcomm » Wcd9375 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9375 » Version: N/A
Qualcomm » Wcd9380 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9380 » Version: N/A
Qualcomm » Wcd9385 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9385 » Version: N/A
Qualcomm » Wcn3610 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3610 » Version: N/A
Qualcomm » Wcn3615 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3615 » Version: N/A
Qualcomm » Wcn3660b Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3660b » Version: N/A
Qualcomm » Wcn3680b Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3680b » Version: N/A
Qualcomm » Wcn3910 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3910 » Version: N/A
Qualcomm » Wcn3950 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3950 » Version: N/A
Qualcomm » Wcn3988 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3988 » Version: N/A
Qualcomm » Wcn3991 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3991 » Version: N/A
Qualcomm » Wcn6750 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6750 » Version: N/A
Qualcomm » Wsa8830 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8830 » Version: N/A
Qualcomm » Wsa8835 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8835 » Version: N/A
Qualcomm » Sd429 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd429 » Version: N/A
Qualcomm » Sd439 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd439_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd439 » Version: N/A
Qualcomm » Qcm2290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcm2290 » Version: N/A
Qualcomm » Qcs2290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs2290 » Version: N/A
Qualcomm » Qualcomm215 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qualcomm215 » Version: N/A
Qualcomm » Sd632 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd632_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd632 » Version: N/A
Qualcomm » Wcn3680 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3680_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3680 » Version: N/A
Qualcomm » Wcn6740 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn6740_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn6740 » Version: N/A
Qualcomm » Sd678 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd678_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd678 » Version: N/A
Qualcomm » Sd870 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd870 » Version: N/A
Qualcomm » Sd888 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd888_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd888 » Version: N/A
Qualcomm » Sd778g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd778g » Version: N/A
Qualcomm » Sd780g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd780g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd780g » Version: N/A
Qualcomm » Sm7325 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm7325_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm7325 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-30291

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 8 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-30291

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	2.5	5.9	Qualcomm, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-30291

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-30291

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

October 2021 Security Bulletin | Qualcomm
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-30291

Products affected by CVE-2021-30291

Exploit prediction scoring system (EPSS) score for CVE-2021-30291

CVSS scores for CVE-2021-30291

CWE ids for CVE-2021-30291

References for CVE-2021-30291