Description
Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin
Scores
CVSS v3
9.8
EPSS
0.0027
EPSS Percentile
50.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (23)
qualcomm/aqt1000_firmware
qualcomm/qca1062_firmware
qualcomm/qca1064_firmware
qualcomm/qca2066_firmware
qualcomm/qca6320_firmware
qualcomm/qca6391_firmware
qualcomm/qca6420_firmware
qualcomm/qca6430_firmware
qualcomm/sc8280xp_firmware
qualcomm/sd_8cx_firmware
... and 13 more
Published
Nov 12, 2021
Tracked Since
Feb 18, 2026