CVE-2021-30275

CVE Database · CVE-2021-30275

CVE-2021-30275

· CRITICALModified

CVSS v3.1

9.3

EPSS

0.15%

Published

Jan 3, 2022

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Weaknesses (CWE)

CWE-190

Affected Products (254)

qualcomm · ar8031_firmwarevulnerable

qualcomm · ar8031

qualcomm · ar8035_firmwarevulnerable

qualcomm · ar8035

qualcomm · csr8811_firmwarevulnerable

qualcomm · csr8811

qualcomm · csra6620_firmwarevulnerable

qualcomm · csra6620

qualcomm · csra6640_firmwarevulnerable

qualcomm · csra6640

qualcomm · csrb31024_firmwarevulnerable

· csrb31024

References (2)

https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs