CVE-2021-1934

HIGH

Qualcomm Apq8017 Firmware - Double Free

Title source: rule

Description

Possible memory corruption due to improper check when application loader object is explicitly destructed while application is unloading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

References (1)

[Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin

Scores

CVSS v3 8.4

EPSS 0.0004

EPSS Percentile 11.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (50)

qualcomm/apq8017_firmware

qualcomm/apq8053_firmware

qualcomm/aqt1000_firmware

qualcomm/msm8917_firmware

qualcomm/msm8953_firmware

qualcomm/qca6310_firmware

qualcomm/qca6320_firmware

qualcomm/qca6390_firmware

qualcomm/qca6391_firmware

qualcomm/qca6420_firmware

qualcomm/qca6421_firmware

qualcomm/qca6426_firmware

qualcomm/qca6430_firmware

qualcomm/qca6431_firmware

qualcomm/qca6436_firmware

... and 35 more

Timeline

Published Sep 09, 2021

Tracked Since Feb 18, 2026