CVSS: 7.8EPSS: 0%CPEs: 122EXPL: 0CVE-2021-30298
https://notcve.org/view.php?id=CVE-2021-30298
Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible acceso fuera de límites debido a una comprobación incorrecta del tamaño del elemento y de los datos de los grupos de memoria DIAG mientras es cambiado entre la interfaz USB y PCIE en Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 206EXPL: 0CVE-2021-30289
https://notcve.org/view.php?id=CVE-2021-30289
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento del búfer debido a una falta de comprobación del rango mientras es procesado un comando DIAG para la administración de COEX en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 124EXPL: 0CVE-2021-30279
https://notcve.org/view.php?id=CVE-2021-30279
Possible access control violation while setting current permission for VMIDs due to improper permission masking in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Una posible violación del control de acceso mientras es establecido el permiso actual para VMIDs debido al enmascaramiento inapropiado del permiso en Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-281: Improper Preservation of Permissions •
CVSS: 7.1EPSS: 0%CPEs: 252EXPL: 0CVE-2021-30278
https://notcve.org/view.php?id=CVE-2021-30278
Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una comprobación de entrada inapropiada en la interfaz de transferencia de memoria TrustZone puede conllevar a una divulgación de información en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 116EXPL: 0CVE-2021-30276
https://notcve.org/view.php?id=CVE-2021-30276
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking Un control de acceso inapropiado mientras es realizada la reconfiguración dinámica de la XPU puede conllevar a un acceso no autorizado a un recurso seguro en Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin •