Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-35091

Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile

Published

2022-06-14T10:15:16.503

Last Modified

2024-11-21T06:11:52.067

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.4 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

3.9

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-704
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System qualcomm sd_8_gen1_5g_firmware - Yes
Hardware qualcomm sm8475 - No
Operating System qualcomm wcd9380_firmware - Yes
Hardware qualcomm wcd9380 - No
Operating System qualcomm wcn6855_firmware - Yes
Hardware qualcomm wcn6855 - No
Operating System qualcomm wcn6856_firmware - Yes
Hardware qualcomm wcn6856 - No
Operating System qualcomm wsa8830_firmware - Yes
Hardware qualcomm wsa8830 - No
Operating System qualcomm wsa8835_firmware - Yes
Hardware qualcomm wsa8835 - No
References