Buffer Overflow Vulnerability in Qualcomm Snapdragon Products
CVE-2021-30260
Key Information:
- Vendor
- Qualcomm
- Vendor
- CVE Published:
- 17 September 2021
Summary
The vulnerability involves an integer overflow that could lead to a buffer overflow due to inadequate validation of input parameters within various Snapdragon configurations. When the extscan hostlist configuration command is processed, this flaw presents a potential risk across multiple Snapdragon platforms, affecting a wide range of consumer and industrial applications. Exploiting this vulnerability could allow an attacker to execute arbitrary code, compromising the affected system.
Affected Version(s)
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking APQ8009, APQ8017, APQ8053, APQ8064AU, APQ8076, APQ8092, APQ8094, APQ8096AU, AQT1000, AR8031, AR8035, AR9380, CSR6030, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM8215, MDM9206, MDM9215, MDM9250, MDM9310, MDM9607, MDM9615, MDM9626, MDM9628, MDM9640, MDM9645, MDM9650, MSM8976, MSM8992, MSM8994, MSM8996AU, PMP8074, QCA0000, QCA1023, QCA1062, QCA1064, QCA1990, QCA2062, QCA2064, QCA2065, QCA2066, QCA4020, QCA4024, QCA4531, QCA6174, QCA6174A, QCA6175A, QCA6234, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6428, QCA6430, QCA6431, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6696, QCA8072, QCA8075, QCA8081, QCA8337, QCA9367, QCA9377, QCA9378A, Q ...[truncated*]
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved