Vulnerabilities > CVE-2021-1892 - Out-of-bounds Write vulnerability in Qualcomm products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

qualcomm

CWE-787

NVD

Published: 2021-04-07

Updated: 2022-06-28

Summary

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Aqt1000 Firmware - Qualcomm Pm8005 Firmware - Qualcomm Pm855 Firmware - Qualcomm Pm855P Firmware - Qualcomm Pm8998 Firmware - Qualcomm Pmi8998 Firmware - Qualcomm Qat3550 Firmware - Qualcomm Qca1062 Firmware - Qualcomm Qca1064 Firmware - Qualcomm Qca2066 Firmware - Qualcomm Qca6164 Firmware - Qualcomm Qca6174 Firmware - Qualcomm Qca6174A Firmware - Qualcomm Qca6310 Firmware - Qualcomm Qca6335 Firmware - Qualcomm Qca6391 Firmware - Qualcomm Qca6420 Firmware - Qualcomm Qca6430 Firmware - Qualcomm Qca6595Au Firmware - Qualcomm Qca9377 Firmware - Qualcomm Qcn7605 Firmware - Qualcomm Qcn7606 Firmware - Qualcomm Qet4100 Firmware - Qualcomm Qfe2081Fc Firmware - Qualcomm Qfe2082Fc Firmware - Qualcomm Qfe3100 Firmware - Qualcomm Qfe3440Fc Firmware - Qualcomm Qfe4455Fc Firmware - Qualcomm Qln1035Bd Firmware - Qualcomm Sd8C Firmware - Qualcomm Sd8Cx Firmware - Qualcomm Sd835 Firmware - Qualcomm Sd845 Firmware - Qualcomm Sd850 Firmware - Qualcomm Sdr8150 Firmware - Qualcomm Smb1350 Firmware - Qualcomm Smb1351 Firmware - Qualcomm Smb1380 Firmware - Qualcomm Smb1381 Firmware - Qualcomm Smb1390 Firmware - Qualcomm Smb2351 Firmware - Qualcomm Wcd9335 Firmware - Qualcomm Wcd9340 Firmware - Qualcomm Wcd9341 Firmware - Qualcomm Wcn3990 Firmware - Qualcomm Wcn3998 Firmware - Qualcomm Wcn6850 Firmware - Qualcomm Wcn6851 Firmware - Qualcomm Wcn6855 Firmware - Qualcomm Wcn6856 Firmware - Qualcomm Wgr7640 Firmware - Qualcomm Wsa8810 Firmware - Qualcomm Wsa8815 Firmware - Qualcomm Wtr5975 Firmware -	54
Hardware	Qualcomm Qualcomm Aqt1000 - Qualcomm Pm8005 - Qualcomm Pm855 - Qualcomm Pm855P - Qualcomm Pm8998 - Qualcomm Pmi8998 - Qualcomm Qat3550 - Qualcomm Qca1062 - Qualcomm Qca1064 - Qualcomm Qca2066 - Qualcomm Qca6164 - Qualcomm Qca6174 - Qualcomm Qca6174A - Qualcomm Qca6310 - Qualcomm Qca6335 - Qualcomm Qca6391 - Qualcomm Qca6420 - Qualcomm Qca6430 - Qualcomm Qca6595Au - Qualcomm Qca9377 - Qualcomm Qcn7605 - Qualcomm Qcn7606 - Qualcomm Qet4100 - Qualcomm Qfe2081Fc - Qualcomm Qfe2082Fc - Qualcomm Qfe3100 - Qualcomm Qfe3440Fc - Qualcomm Qfe4455Fc - Qualcomm Qln1035Bd - Qualcomm Sd8C - Qualcomm Sd8Cx - Qualcomm Sd835 - Qualcomm Sd845 - Qualcomm Sd850 - Qualcomm Sdr8150 - Qualcomm Smb1350 - Qualcomm Smb1351 - Qualcomm Smb1380 - Qualcomm Smb1381 - Qualcomm Smb1390 - Qualcomm Smb2351 - Qualcomm Wcd9335 - Qualcomm Wcd9340 - Qualcomm Wcd9341 - Qualcomm Wcn3990 - Qualcomm Wcn3998 - Qualcomm Wcn6850 - Qualcomm Wcn6851 - Qualcomm Wcn6855 - Qualcomm Wcn6856 - Qualcomm Wgr7640 - Qualcomm Wsa8810 - Qualcomm Wsa8815 - Qualcomm Wtr5975 -	54

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin