CVE-2021-35129

HIGH

Snapdragon - Memory Corruption

Title source: llm

Description

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Scores

CVSS v3 7.8

EPSS 0.0011

EPSS Percentile 29.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-120

Status published

Products (45)

qualcomm/ar8035_firmware

qualcomm/ipq5010_firmware

qualcomm/ipq5018_firmware

qualcomm/ipq5028_firmware

qualcomm/qca2062_firmware

qualcomm/qca2064_firmware

qualcomm/qca2065_firmware

qualcomm/qca2066_firmware

qualcomm/qca6391_firmware

qualcomm/qca8081_firmware

... and 35 more

Published Jun 14, 2022

Tracked Since Feb 18, 2026