TROYANOSYVIRUS
Back to CVEs

CVE-2021-35081

CRITICAL
9.8

Description

Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CVE Details

CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published6/14/2022
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0

Affected Products

qualcomm:aqt1000qualcomm:aqt1000_firmwarequalcomm:ar8035qualcomm:ar8035_firmwarequalcomm:qca6390qualcomm:qca6390_firmwarequalcomm:qca6391qualcomm:qca6391_firmwarequalcomm:qca6564qualcomm:qca6564_firmwarequalcomm:qca6564auqualcomm:qca6564au_firmwarequalcomm:qca6574aqualcomm:qca6574a_firmwarequalcomm:qca8081qualcomm:qca8081_firmwarequalcomm:qca8337qualcomm:qca8337_firmwarequalcomm:qcm2290qualcomm:qcm2290_firmwarequalcomm:qcm4290qualcomm:qcm4290_firmwarequalcomm:qcm6125qualcomm:qcm6125_firmwarequalcomm:qcm6490qualcomm:qcm6490_firmwarequalcomm:qcn7605qualcomm:qcn7605_firmwarequalcomm:qcn7606qualcomm:qcn7606_firmwarequalcomm:qcs2290qualcomm:qcs2290_firmwarequalcomm:qcs4290qualcomm:qcs4290_firmwarequalcomm:qcs610qualcomm:qcs610_firmwarequalcomm:qcs6125qualcomm:qcs6125_firmwarequalcomm:qcs6490qualcomm:qcs6490_firmwarequalcomm:qrb5165qualcomm:qrb5165_firmwarequalcomm:qrb5165mqualcomm:qrb5165m_firmwarequalcomm:qrb5165nqualcomm:qrb5165n_firmwarequalcomm:sa6145pqualcomm:sa6145p_firmwarequalcomm:sa6150pqualcomm:sa6150p_firmwarequalcomm:sa6155pqualcomm:sa6155p_firmwarequalcomm:sa8145pqualcomm:sa8145p_firmwarequalcomm:sa8150pqualcomm:sa8150p_firmwarequalcomm:sa8155pqualcomm:sa8155p_firmwarequalcomm:sa8195pqualcomm:sa8195p_firmwarequalcomm:sd460qualcomm:sd460_firmwarequalcomm:sd480qualcomm:sd480_firmwarequalcomm:sd662qualcomm:sd662_firmwarequalcomm:sd690_5gqualcomm:sd690_5g_firmwarequalcomm:sd750gqualcomm:sd750g_firmwarequalcomm:sd765qualcomm:sd765_firmwarequalcomm:sd765gqualcomm:sd765g_firmwarequalcomm:sd768gqualcomm:sd768g_firmwarequalcomm:sd778gqualcomm:sd778g_firmwarequalcomm:sd780gqualcomm:sd780g_firmwarequalcomm:sd855qualcomm:sd855_firmwarequalcomm:sd865_5gqualcomm:sd865_5g_firmwarequalcomm:sd870qualcomm:sd870_firmwarequalcomm:sd888_5gqualcomm:sd888_5g_firmwarequalcomm:sdx55qualcomm:sdx55_firmwarequalcomm:sdx55mqualcomm:sdx55m_firmwarequalcomm:sdx65qualcomm:sdx65_firmwarequalcomm:sdxr1qualcomm:sdxr1_firmwarequalcomm:sm6375qualcomm:sm6375_firmwarequalcomm:sm7250pqualcomm:sm7250p_firmwarequalcomm:sm7325pqualcomm:sm7325p_firmwarequalcomm:wcd9326qualcomm:wcd9326_firmwarequalcomm:wcd9341qualcomm:wcd9341_firmwarequalcomm:wcd9370qualcomm:wcd9370_firmwarequalcomm:wcd9375qualcomm:wcd9375_firmwarequalcomm:wcd9380qualcomm:wcd9380_firmwarequalcomm:wcd9385qualcomm:wcd9385_firmwarequalcomm:wcn3910qualcomm:wcn3910_firmwarequalcomm:wcn3950qualcomm:wcn3950_firmwarequalcomm:wcn3980qualcomm:wcn3980_firmwarequalcomm:wcn3988qualcomm:wcn3988_firmwarequalcomm:wcn3991qualcomm:wcn3991_firmwarequalcomm:wcn3998qualcomm:wcn3998_firmwarequalcomm:wcn6740qualcomm:wcn6740_firmwarequalcomm:wcn6750qualcomm:wcn6750_firmwarequalcomm:wcn6850qualcomm:wcn6850_firmwarequalcomm:wcn6851qualcomm:wcn6851_firmwarequalcomm:wcn6855qualcomm:wcn6855_firmwarequalcomm:wcn6856qualcomm:wcn6856_firmwarequalcomm:wsa8810qualcomm:wsa8810_firmwarequalcomm:wsa8815qualcomm:wsa8815_firmwarequalcomm:wsa8830qualcomm:wsa8830_firmwarequalcomm:wsa8835qualcomm:wsa8835_firmware

Weaknesses (CWE)

CWE-120

References

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin(product-security@qualcomm.com)
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.