ID

VAR-202204-0119


CVE

CVE-2021-30341


TITLE

Out-of-bounds write vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2021-019926

DESCRIPTION

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables. APQ8009W firmware, APQ8096AU firmware, AQT1000 Several Qualcomm products, such as firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2021-30341 // JVNDB: JVNDB-2021-019926

AFFECTED PRODUCTS

vendor:qualcommmodel:sdx65scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd680scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qsw8573scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9367scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr1scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd7cscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8909wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8cx gen2scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9628scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdw2500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9207scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa415mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca4004scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd662scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx12scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sda429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm8207scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa515mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx20scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx24scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9330scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9607scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9306scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csrb31024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8 gen1 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd778gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3910scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcx315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9379scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9206scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:qca4004scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8909wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm8207scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9205scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9206scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9250scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csrb31024scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6390scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9207scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6420scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9640scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6391scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:msm8996auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:qca6174ascope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9628scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9607scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-019926 // NVD: CVE-2021-30341

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30341
value: CRITICAL

Trust: 1.0

product-security@qualcomm.com: CVE-2021-30341
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-30341
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202204-2510
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2021-30341
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2021-30341
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-30341
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-019926 // CNNVD: CNNVD-202204-2510 // NVD: CVE-2021-30341 // NVD: CVE-2021-30341

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-019926 // NVD: CVE-2021-30341

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-2510

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202204-2510

PATCH

title:Multiple Qualcomm Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=197623

Trust: 0.6

sources: CNNVD: CNNVD-202204-2510

EXTERNAL IDS

db:NVDid:CVE-2021-30341

Trust: 3.2

db:JVNDBid:JVNDB-2021-019926

Trust: 0.8

db:CS-HELPid:SB2022040802

Trust: 0.6

db:CNNVDid:CNNVD-202204-2510

Trust: 0.6

sources: JVNDB: JVNDB-2021-019926 // CNNVD: CNNVD-202204-2510 // NVD: CVE-2021-30341

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2021-30341

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022040802

Trust: 0.6

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-april-2022-37959

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-30341/

Trust: 0.6

url:https://source.android.com/security/bulletin/2022-04-01

Trust: 0.6

sources: JVNDB: JVNDB-2021-019926 // CNNVD: CNNVD-202204-2510 // NVD: CVE-2021-30341

SOURCES

db:JVNDBid:JVNDB-2021-019926
db:CNNVDid:CNNVD-202204-2510
db:NVDid:CVE-2021-30341

LAST UPDATE DATE

2024-08-14T13:22:27.673000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2021-019926date:2023-08-25T08:15:00
db:CNNVDid:CNNVD-202204-2510date:2022-07-01T00:00:00
db:NVDid:CVE-2021-30341date:2023-04-19T17:10:55.030

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2021-019926date:2023-08-25T00:00:00
db:CNNVDid:CNNVD-202204-2510date:2022-04-04T00:00:00
db:NVDid:CVE-2021-30341date:2022-06-14T10:15:14.877