Buffer Overflow in Sahara Protocol Affects Qualcomm Snapdragon Products
CVE-2021-30327
Key Information:
- Vendor
Qualcomm
- Vendor
- CVE Published:
- 14 June 2022
Badges
What is CVE-2021-30327?
A buffer overflow vulnerability exists in the Sahara protocol utilized within Qualcomm's Snapdragon mobile platforms. This flaw can lead to the unintended overwriting of secure configuration data, potentially compromising system integrity and security across a range of Snapdragon products, including Mobile, Compute, Auto, IOT, Connectivity, and Voice & Music solutions. Users and developers are urged to apply necessary security updates as provided by Qualcomm to mitigate risks.
Affected Version(s)
Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music APQ8097, APQ8098, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, MDM9205, MSM8997, MSM8998, QCA6595, QCA6595AU, QCN7605, QCN7605W, QCN7606, QCN7606W, QCS401, QCS402, QCS403, QCS404, QCS405, QCS407, SA2145P, SA2150P, SA4150P, SA4155P, SA415M, SA4250P, SA515M, SA6115, SA6115P, SA6125, SA6125P, SA6145, SA6145P, SA615x, SA615xP, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC7180P, SC8180X, SC8180XP, SDA658, SDA660, SDA670, SDA830, SDA845, SDM640, SDM658, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDPX55M, SDX24, SDX24M, SDX55, SM4250, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.