Vulnerabilities > Qualcomm > SD 8 Gen1 5G Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2021-35074 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-190
7.8
2022-02-11 CVE-2021-35075 NULL Pointer Dereference vulnerability in Qualcomm products
Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-476
7.8
2022-02-11 CVE-2021-35077 Use After Free vulnerability in Qualcomm products
Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
7.8
2022-01-13 CVE-2021-30287 Reachable Assertion vulnerability in Qualcomm products
Possible assertion due to improper validation of symbols configured for PDCCH monitoring in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-617
7.5
2022-01-13 CVE-2021-30300 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-704
7.5
2022-01-13 CVE-2021-30301 Resource Exhaustion vulnerability in Qualcomm products
Possible denial of service due to out of memory while processing RRC and NAS OTA message in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile
network
low complexity
qualcomm CWE-400
7.5
2022-01-13 CVE-2021-30307 Reachable Assertion vulnerability in Qualcomm products
Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
network
low complexity
qualcomm CWE-617
7.5
2022-01-13 CVE-2021-30308 Classic Buffer Overflow vulnerability in Qualcomm products
Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-120
7.8
2022-01-13 CVE-2021-30311 Improper Validation of Array Index vulnerability in Qualcomm products
Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-129
7.8
2022-01-13 CVE-2021-30313 Use After Free vulnerability in Qualcomm products
Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
local
high complexity
qualcomm CWE-416
6.4