CVE-2021-30255
https://notcve.org/view.php?id=CVE-2021-30255
Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento del búfer debido a una comprobación de entrada inapropiada en el comando PDM DIAG en FTM en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-129: Improper Validation of Array Index •
CVE-2021-1979
https://notcve.org/view.php?id=CVE-2021-1979
Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Posible desbordamiento del búfer debido a una comprobación inapropiada de la carga útil del comando FTM en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-787: Out-of-bounds Write •
CVE-2021-1975
https://notcve.org/view.php?id=CVE-2021-1975
Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Posible desbordamiento de la pila debido a una comprobación inapropiada de la longitud del dominio mientras se analiza la respuesta DNS en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-787: Out-of-bounds Write •
CVE-2021-1973
https://notcve.org/view.php?id=CVE-2021-1973
A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un comando FTM Diag puede permitir una escritura arbitraria en el espacio del Sistema Operativo del módem en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2021-1924
https://notcve.org/view.php?id=CVE-2021-1924
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una revelación de información mediante canales laterales de tiempo y energía durante la exponenciación de mods para RSA-CRT en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-203: Observable Discrepancy •