CVE-2021-30310 : Possible buffer overflow due to Improper validation of received CF-ACK and CF-Po

Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music

Published 2021-10-20 07:15:09

Updated 2021-10-26 18:49:52

Source Qualcomm, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowInput validation

Products affected by CVE-2021-30310

Qualcomm » Mdm9206 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9206 » Version: N/A
Qualcomm » Mdm9607 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9607 » Version: N/A
Qualcomm » Mdm9650 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9650 » Version: N/A
Qualcomm » Mdm9640 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9640 » Version: N/A
Qualcomm » Mdm9655 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9655 » Version: N/A
Qualcomm » Sdx20 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx20 » Version: N/A
Qualcomm » Apq8096au Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8096au » Version: N/A
Qualcomm » Msm8996au Firmware » Version: N/A
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Msm8996au » Version: N/A
Qualcomm » Qca4531 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca4531_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca4531 » Version: N/A
Qualcomm » Qca6174a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6174a » Version: N/A
Qualcomm » Qca6574au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574au » Version: N/A
Qualcomm » Qca6584au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6584au » Version: N/A
Qualcomm » Qca9377 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9377 » Version: N/A
Qualcomm » Qca9379 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9379_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9379 » Version: N/A
Qualcomm » Qca9886 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9886 » Version: N/A
Qualcomm » Qca6574 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574 » Version: N/A
Qualcomm » Qca6564 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6564 » Version: N/A
Qualcomm » Sd210 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd210_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd210 » Version: N/A
Qualcomm » Sd820 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd820_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd820 » Version: N/A
Qualcomm » Sd845 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd845_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd845 » Version: N/A
Qualcomm » Sdx24 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx24 » Version: N/A
Qualcomm » Qca4020 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca4020_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca4020 » Version: N/A
Qualcomm » Apq8009 Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8009 » Version: N/A
Qualcomm » Apq8017 Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8017 » Version: N/A
Qualcomm » Apq8053 Firmware » Version: N/A
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Apq8053 » Version: N/A
Qualcomm » Sdx55 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx55 » Version: N/A
Qualcomm » Sa6155p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa6155p » Version: N/A
Qualcomm » Sa515m Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa515m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa515m » Version: N/A
Qualcomm » Qca6310 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6310 » Version: N/A
Qualcomm » Qca6595au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6595au » Version: N/A
Qualcomm » Wcd9335 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9335 » Version: N/A
Qualcomm » Wcd9340 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9340 » Version: N/A
Qualcomm » Wcd9341 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9341 » Version: N/A
Qualcomm » Wcn3990 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3990 » Version: N/A
Qualcomm » Wcn3998 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3998 » Version: N/A
Qualcomm » Wsa8810 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8810 » Version: N/A
Qualcomm » Wsa8815 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8815 » Version: N/A
Qualcomm » Sa8155p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8155p » Version: N/A
Qualcomm » Mdm9250 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9250 » Version: N/A
Qualcomm » Mdm9628 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9628 » Version: N/A
Qualcomm » Sdx20m Firmware » Version: N/A
cpe:2.3:o:qualcomm:sdx20m_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sdx20m » Version: N/A
Qualcomm » Wcd9330 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9330 » Version: N/A
Qualcomm » Sa6155 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa6155 » Version: N/A
Qualcomm » Sa8155 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8155 » Version: N/A
Qualcomm » Sm7250 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sm7250_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sm7250 » Version: N/A
Qualcomm » Sa6145p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa6145p » Version: N/A
Qualcomm » Sa6150p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa6150p » Version: N/A
Qualcomm » Sa8150p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8150p » Version: N/A
Qualcomm » Sa8195p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8195p » Version: N/A
Qualcomm » Csrb31024 Firmware » Version: N/A
cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Csrb31024 » Version: N/A
Qualcomm » Mdm9626 Firmware » Version: N/A
cpe:2.3:o:qualcomm:mdm9626_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Mdm9626 » Version: N/A
Qualcomm » Qca6175a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6175a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6175a » Version: N/A
Qualcomm » Qca6320 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6320 » Version: N/A
Qualcomm » Qca6564a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6564a » Version: N/A
Qualcomm » Qca6564au Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6564au » Version: N/A
Qualcomm » Qca6574a Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6574a » Version: N/A
Qualcomm » Qca6595 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6595 » Version: N/A
Qualcomm » Qca6696 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca6696 » Version: N/A
Qualcomm » Qca9367 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9367 » Version: N/A
Qualcomm » Qca9369 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qca9369_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qca9369 » Version: N/A
Qualcomm » Sd690 5g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd690 5g » Version: N/A
Qualcomm » Sd750g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd750g » Version: N/A
Qualcomm » Sd765 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd765 » Version: N/A
Qualcomm » Sd765g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd765g » Version: N/A
Qualcomm » Sd768g Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd768g » Version: N/A
Qualcomm » Sd821 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd821_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd821 » Version: N/A
Qualcomm » Wcd9326 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9326 » Version: N/A
Qualcomm » Wcd9360 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9360_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9360 » Version: N/A
Qualcomm » Wcd9370 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9370 » Version: N/A
Qualcomm » Wcd9375 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9375 » Version: N/A
Qualcomm » Wcd9380 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9380 » Version: N/A
Qualcomm » Wcd9385 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcd9385 » Version: N/A
Qualcomm » Wcn3610 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3610 » Version: N/A
Qualcomm » Wcn3615 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3615 » Version: N/A
Qualcomm » Wcn3660b Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3660b » Version: N/A
Qualcomm » Wcn3680b Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3680b » Version: N/A
Qualcomm » Wcn3910 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3910 » Version: N/A
Qualcomm » Wcn3950 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3950 » Version: N/A
Qualcomm » Wcn3988 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3988 » Version: N/A
Qualcomm » Wcn3991 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wcn3991 » Version: N/A
Qualcomm » Wsa8830 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8830 » Version: N/A
Qualcomm » Wsa8835 Firmware » Version: N/A
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Wsa8835 » Version: N/A
Qualcomm » Qcm2290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcm2290 » Version: N/A
Qualcomm » Qcs2290 Firmware » Version: N/A
cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Qcs2290 » Version: N/A
Qualcomm » Sd480 Firmware » Version: N/A
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sd480 » Version: N/A
Qualcomm » Sa8145p Firmware » Version: N/A
cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Qualcomm » Sa8145p » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-30310

EPSS FAQ

0.28%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 48 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-30310

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	Qualcomm, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-30310

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-30310

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

October 2021 Security Bulletin | Qualcomm
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-30310

Products affected by CVE-2021-30310

Exploit prediction scoring system (EPSS) score for CVE-2021-30310

CVSS scores for CVE-2021-30310

CWE ids for CVE-2021-30310

References for CVE-2021-30310