CVE-2021-30269

HIGH

Qualcomm AR8031 and related firmware - Null Pointer Dereference

Title source: llm

Description

Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin

Scores

CVSS v3 7.3

EPSS 0.0003

EPSS Percentile 9.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Details

CWE

CWE-476

Status published

Products (50)

qualcomm/ar8031_firmware

qualcomm/ar8035_firmware

qualcomm/csra6620_firmware

qualcomm/csra6640_firmware

qualcomm/csrb31024_firmware

qualcomm/fsm10055_firmware

qualcomm/fsm10056_firmware

qualcomm/mdm9150_firmware

qualcomm/mdm9205_firmware

qualcomm/qca2066_firmware

... and 40 more

Published Jan 03, 2022

Tracked Since Feb 18, 2026