Description
Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin
Scores
CVSS v3
7.5
EPSS
0.0029
EPSS Percentile
52.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (50)
qualcomm/apq8017_firmware
qualcomm/ar8035_firmware
qualcomm/msm8917_firmware
qualcomm/qca6390_firmware
qualcomm/qca6391_firmware
qualcomm/qca6421_firmware
qualcomm/qca6426_firmware
qualcomm/qca6431_firmware
qualcomm/qca6436_firmware
qualcomm/qca6574a_firmware
... and 40 more
Published
Nov 12, 2021
Tracked Since
Feb 18, 2026