CVSS: 7.8EPSS: 0%CPEs: 206EXPL: 0CVE-2021-30289
https://notcve.org/view.php?id=CVE-2021-30289
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento del búfer debido a una falta de comprobación del rango mientras es procesado un comando DIAG para la administración de COEX en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 250EXPL: 0CVE-2021-30282
https://notcve.org/view.php?id=CVE-2021-30282
Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible escritura fuera de límites de la tabla de particiones de RAM debido a una comprobación incorrecta del número de particiones proporcionadas en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 124EXPL: 0CVE-2021-30279
https://notcve.org/view.php?id=CVE-2021-30279
Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Una posible violación del control de acceso mientras es establecido el permiso actual para VMIDs debido al enmascaramiento inapropiado del permiso en Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-281: Improper Preservation of Permissions •
CVSS: 7.1EPSS: 0%CPEs: 252EXPL: 0CVE-2021-30278
https://notcve.org/view.php?id=CVE-2021-30278
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una comprobación de entrada inapropiada en la interfaz de transferencia de memoria TrustZone puede conllevar a una divulgación de información en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 116EXPL: 0CVE-2021-30276
https://notcve.org/view.php?id=CVE-2021-30276
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking Un control de acceso inapropiado mientras es realizada la reconfiguración dinámica de la XPU puede conllevar a un acceso no autorizado a un recurso seguro en Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin •