← Volver a CVEs
CVE-2021-35095
HIGH8.4
Descripcion
Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile
Detalles CVE
Puntuacion CVSS v3.18.4
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado6/14/2022
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
qualcomm:ar8035qualcomm:ar8035_firmwarequalcomm:qca8081qualcomm:qca8081_firmwarequalcomm:qca8337qualcomm:qca8337_firmwarequalcomm:sd_8_gen1_5g_firmwarequalcomm:sdx65qualcomm:sdx65_firmwarequalcomm:sm8475qualcomm:wcd9380qualcomm:wcd9380_firmwarequalcomm:wcn6855qualcomm:wcn6855_firmwarequalcomm:wcn6856qualcomm:wcn6856_firmwarequalcomm:wsa8830qualcomm:wsa8830_firmwarequalcomm:wsa8835qualcomm:wsa8835_firmware
Debilidades (CWE)
CWE-502
Referencias
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin(product-security@qualcomm.com)
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.