CVE-2021-30313
https://notcve.org/view.php?id=CVE-2021-30313
Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Puede producirse una condición de uso de memoria previamente liberada en la conectividad por cable debido a una condición de carrera mientras se crean y eliminan carpetas en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/january-2022-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVE-2021-30303
https://notcve.org/view.php?id=CVE-2021-30303
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible desbordamiento del búfer debido a una falta de comprobación de la longitud del búfer cuando es recibido un comando WMI segmentado en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2021-30266
https://notcve.org/view.php?id=CVE-2021-30266
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible uso de memoria previamente liberada debido a una comprobación inapropiada de la memoria cuando es inicializada una nueva interfaz mediante el comando Interface add en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-416: Use After Free •
CVE-2021-1924
https://notcve.org/view.php?id=CVE-2021-1924
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una revelación de información mediante canales laterales de tiempo y energía durante la exponenciación de mods para RSA-CRT en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-203: Observable Discrepancy •
CVE-2021-1903
https://notcve.org/view.php?id=CVE-2021-1903
Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Puede producirse un escenario de denegación de servicio debido a una falta de comprobación de longitud en el anuncio de cambio de canal IE en la trama de respuesta de baliza o sonda en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-863: Incorrect Authorization •