ID

VAR-202111-0609


CVE

CVE-2021-1975


TITLE

plural  Qualcomm  Out-of-bounds write vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2021-014857

DESCRIPTION

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2021-1975 // JVNDB: JVNDB-2021-014857

AFFECTED PRODUCTS

vendor:qualcommmodel:mdm9150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9630scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:whs9410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fsm10056scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsw8573scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9367scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8208scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sc8180x\+sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsm8350scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8909wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 636scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8917scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976sgscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8608scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9230scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm8450pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6431scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9628scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdw2500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm8615mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8037scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9207scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa415mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca4004scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd662scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csr6030scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx24scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9330scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fsm10055scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9607scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 455scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9306scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csrb31024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8209scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6225scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6694auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8920scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9379scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9206scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx65scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs603scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9371scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8108scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn7850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8937scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm8450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd7cscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm630scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd712scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm8215mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6421scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8cxscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx12scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8cscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm8207scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sda429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx20scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd820scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9330scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm8215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qualcomm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6694scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9615mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9650scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8017scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd778gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3910scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8940scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcx315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar6003scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd821scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:csrb31024scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fsm10055scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar6003scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csr6030scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8037scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8017scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014857 // NVD: CVE-2021-1975

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1975
value: HIGH

Trust: 1.0

product-security@qualcomm.com: CVE-2021-1975
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-1975
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202111-183
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2021-1975
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

product-security@qualcomm.com: CVE-2021-1975
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2021-014857
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-014857 // CNNVD: CNNVD-202111-183 // NVD: CVE-2021-1975 // NVD: CVE-2021-1975

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-014857 // NVD: CVE-2021-1975

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-183

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202111-183

PATCH

title:November 2021 Security Bulletinurl:https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2021-bulletin.html

Trust: 0.8

title:Multiple Qualcomm Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169787

Trust: 0.6

sources: JVNDB: JVNDB-2021-014857 // CNNVD: CNNVD-202111-183

EXTERNAL IDS

db:NVDid:CVE-2021-1975

Trust: 3.2

db:JVNDBid:JVNDB-2021-014857

Trust: 0.8

db:AUSCERTid:ESB-2021.3637

Trust: 0.6

db:CS-HELPid:SB2021110303

Trust: 0.6

db:CNNVDid:CNNVD-202111-183

Trust: 0.6

sources: JVNDB: JVNDB-2021-014857 // CNNVD: CNNVD-202111-183 // NVD: CVE-2021-1975

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-1975

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2021.3637

Trust: 0.6

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-november-2021-36782

Trust: 0.6

url:https://source.android.com/security/bulletin/2021-11-01

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021110303

Trust: 0.6

sources: JVNDB: JVNDB-2021-014857 // CNNVD: CNNVD-202111-183 // NVD: CVE-2021-1975

SOURCES

db:JVNDBid:JVNDB-2021-014857
db:CNNVDid:CNNVD-202111-183
db:NVDid:CVE-2021-1975

LAST UPDATE DATE

2024-08-14T12:22:35.439000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2021-014857date:2022-10-28T09:13:00
db:CNNVDid:CNNVD-202111-183date:2021-11-18T00:00:00
db:NVDid:CVE-2021-1975date:2021-11-16T15:21:29.960

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2021-014857date:2022-10-28T00:00:00
db:CNNVDid:CNNVD-202111-183date:2021-11-01T00:00:00
db:NVDid:CVE-2021-1975date:2021-11-12T07:15:07.123