CVE-2021-1901
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
13/07/2021
Last modified:
15/07/2021
Description
Possible buffer over-read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Impact
Base Score 3.x
4.60
Severity 3.x
MEDIUM
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page