ID

VAR-202109-0298


CVE

CVE-2021-1946


TITLE

plural  Qualcomm  In the product  NULL  Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-011795

DESCRIPTION

Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile. plural Qualcomm The product has NULL There is a vulnerability in pointer dereference.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.25

sources: NVD: CVE-2021-1946 // JVNDB: JVNDB-2021-011795 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-1946

AFFECTED PRODUCTS

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9371scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:whs9410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsm8350scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8053scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8917scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6431scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6421scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8953scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8cxscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx12scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8cscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qualcomm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8017scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8920scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd778gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3910scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8940scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:msm8940scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8053scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8017scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8917scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8953scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6390scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8920scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-011795 // NVD: CVE-2021-1946

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1946
value: CRITICAL

Trust: 1.0

product-security@qualcomm.com: CVE-2021-1946
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-1946
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202109-287
value: CRITICAL

Trust: 0.6

VULMON: CVE-2021-1946
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-1946
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2021-1946
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

OTHER: JVNDB-2021-011795
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-1946 // JVNDB: JVNDB-2021-011795 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-287 // NVD: CVE-2021-1946 // NVD: CVE-2021-1946

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.0

problemtype:NULL Pointer dereference (CWE-476) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-011795 // NVD: CVE-2021-1946

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202109-287

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:September 2021 Security Bulletinurl:https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2021-bulletin.html

Trust: 0.8

title:Qualcomm chip Fixes for code issue vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=162198

Trust: 0.6

sources: JVNDB: JVNDB-2021-011795 // CNNVD: CNNVD-202109-287

EXTERNAL IDS

db:NVDid:CVE-2021-1946

Trust: 3.3

db:JVNDBid:JVNDB-2021-011795

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021090616

Trust: 0.6

db:CNNVDid:CNNVD-202109-287

Trust: 0.6

db:VULMONid:CVE-2021-1946

Trust: 0.1

sources: VULMON: CVE-2021-1946 // JVNDB: JVNDB-2021-011795 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-287 // NVD: CVE-2021-1946

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-1946

Trust: 1.4

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-september-2021-36342

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021090616

Trust: 0.6

url:https://source.android.com/security/bulletin/2021-09-01

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/476.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2021-1946 // JVNDB: JVNDB-2021-011795 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-287 // NVD: CVE-2021-1946

SOURCES

db:VULMONid:CVE-2021-1946
db:JVNDBid:JVNDB-2021-011795
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202109-287
db:NVDid:CVE-2021-1946

LAST UPDATE DATE

2024-08-14T13:00:58.538000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-1946date:2021-09-22T00:00:00
db:JVNDBid:JVNDB-2021-011795date:2022-08-12T07:06:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202109-287date:2021-09-23T00:00:00
db:NVDid:CVE-2021-1946date:2021-09-22T20:26:19.137

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-1946date:2021-09-09T00:00:00
db:JVNDBid:JVNDB-2021-011795date:2022-08-12T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202109-287date:2021-09-06T00:00:00
db:NVDid:CVE-2021-1946date:2021-09-09T08:15:21.700