CVSS: 8.4EPSS: 0%CPEs: 82EXPL: 0CVE-2021-30290
https://notcve.org/view.php?id=CVE-2021-30290
Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile Una posible desreferencia de puntero null debido a una condición de carrera entre la señal de valla de la línea de tiempo y la destrucción de la línea de tiempo en Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 380EXPL: 0CVE-2021-1974
https://notcve.org/view.php?id=CVE-2021-1974
Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible lectura excesiva del búfer debido a una falta de alineación entre la longitud de mapeo o desmapeo de IPA SMMU y WLAN SMMU en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 224EXPL: 0CVE-2021-1963
https://notcve.org/view.php?id=CVE-2021-1963
Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible uso de memoria previamente liberada debido a una falta de comprobación para el recuento de reglas en la tabla de filtros en el controlador IPA en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 168EXPL: 0CVE-2021-1962
https://notcve.org/view.php?id=CVE-2021-1962
Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un desbordamiento del búfer mientras se procesa IOCTL para conseguir información de endpoints periféricos no se comprueba apropiadamente la entrada del par de endpoints máximo y su tamaño en Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 226EXPL: 1CVE-2021-1961
https://notcve.org/view.php?id=CVE-2021-1961
Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento del búfer debido a una falta de comprobación de la longitud del desplazamiento mientras se actualiza el valor del búfer en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://github.com/tamirzb/CVE-2021-1961 https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •