CVE-2021-30294

CVE Database · CVE-2021-30294

CVE-2021-30294

· HIGHModified

CVSS v3.1

8.4

EPSS

0.14%

Published

Sep 9, 2021

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-476

Affected Products (82)

qualcomm · qca6174a_firmwarevulnerable

qualcomm · qca6174a

qualcomm · qca6574_firmwarevulnerable

qualcomm · qca6574

qualcomm · qca6574a_firmwarevulnerable

qualcomm · qca6574a

qualcomm · qca6574au_firmwarevulnerable

qualcomm · qca6574au

qualcomm · qca6595au_firmwarevulnerable

qualcomm · qca6595au

qualcomm · qca6696_firmwarevulnerable

References (2)

https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs