CVSS: 10.0EPSS: 0%CPEs: 146EXPL: 0CVE-2021-35081
https://notcve.org/view.php?id=CVE-2021-35081
Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Un posible desbordamiento del búfer debido a una comprobación inapropiada de la longitud de SSID recibida de la baliza o la respuesta de la sonda durante una sesión IBSS en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 342EXPL: 0CVE-2021-35071
https://notcve.org/view.php?id=CVE-2021-35071
Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible lectura excesiva del búfer debido a una falta de comprobación del tamaño mientras se copian datos del búfer DBR al búfer RX y puede conllevar a una denegación de servicio en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2021-35070
https://notcve.org/view.php?id=CVE-2021-35070
RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile RPM secure Stream puede acceder a cualquier recurso seguro debido a una configuración inapropiada de la SMMU y puede conllevar a una divulgación de información en Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 128EXPL: 0CVE-2021-30347
https://notcve.org/view.php?id=CVE-2021-30347
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile Una comprobación de integridad inapropiada puede conllevar a una condición de carrera entre las tareas PDCP y RRC? justo después de recibir un paquete de comando RRC válido en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.5EPSS: 0%CPEs: 56EXPL: 0CVE-2021-30346
https://notcve.org/view.php?id=CVE-2021-30346
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking RPM secure Stream puede acceder a cualquier recurso seguro debido a una configuración inapropiada de la SMMU en Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin •