CVE-2021-35095
HIGHSnapdragon Connectivity - Snapdragon Mobile - Use After Free
Title source: llmDescription
Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin
Scores
CVSS v3
8.4
EPSS
0.0011
EPSS Percentile
29.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-502
Status
published
Products (10)
qualcomm/ar8035_firmware
qualcomm/qca8081_firmware
qualcomm/qca8337_firmware
qualcomm/sd_8_gen1_5g_firmware
qualcomm/sdx65_firmware
qualcomm/wcd9380_firmware
qualcomm/wcn6855_firmware
qualcomm/wcn6856_firmware
qualcomm/wsa8830_firmware
qualcomm/wsa8835_firmware
Published
Jun 14, 2022
Tracked Since
Feb 18, 2026