Headline
CVE-2021-30353: January 2022 Security Bulletin | Qualcomm
Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
Version 1.0****Published: 01/04/2022
This security bulletin is intended to help Qualcomm Technologies, Inc. (QTI) customers incorporate security updates in launched or upcoming devices. This document includes (i) a description of security vulnerabilities that have been addressed in QTI’s proprietary code and (ii) links to related code that has been contributed to Code Aurora Forum (CAF), a Linux Foundation Collaborative Project, to address security vulnerabilities for customers who incorporate Linux-based software from CAF into their devices…
Please reach out to [email protected] for any questions related to this bulletin.
Table of Contents****Announcements
None.
Acknowledgements
We would like to thank these researchers for their contributions in reporting these issues to us.
CVE-2021-30308, CVE-2021-30311
Peter Park (peterpark)
CVE-2021-30319
Dongsong Yu
CVE-2021-30313
Reported to us through Google Android Security team; please see bulletins at https://source.android.com/security/overview/acknowledgements/ for individual credit information. For issues rated medium or lower, the individual credit information may appear in a future Android major release bulletin.
CVE-2021-30314
吴宪林([email protected]) from OPPO Amber Security Lab and 卢昌鑫([email protected]) from Tencent Keen Security Lab
Proprietary Software Issues****The tables below summarize security vulnerabilities that were addressed through proprietary software
This table lists high impact security vulnerabilities. Patches have been released for affected products. OEMs have been notified and strongly recommended to release patches on end devices.
Public ID
Security Rating
CVSS Rating
Technology Area
Date Reported
CVE-2021-30285
Critical
Critical
KERNEL
Internal
CVE-2021-30287
High
High
NR5G
Internal
CVE-2021-30300
High
High
LTE
Internal
CVE-2021-30301
High
High
RFA
Internal
CVE-2021-30307
High
High
Data Modem
Internal
CVE-2021-30308
High
High
RFA
03/28/2021
CVE-2021-30311
High
High
NR5G
04/04/2021
CVE-2021-30330
High
High
Video
Internal
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
Public ID
Security Rating
CVSS Rating
Technology Area
Date Reported
CVE-2021-30314
Medium
Medium
Telephony
03/18/2021
CVE-2021-30285
CVE ID
CVE-2021-30285
Title
Improper Input Validation in Kernel
Description
Improper validation of memory region in Hypervisor can lead to incorrect region mapping
Technology Area
KERNEL
Vulnerability Type
CWE-20 Improper Input Validation
Access Vector
Local
Security Rating
Critical
CVSS Rating
Critical
CVSS Score
9.3
CVSS String
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Date Reported
Internal
Customer Notified Date
07/05/2021
Affected Chipsets*
AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM9150, MDM9205, QCA4004, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8337, QCA9377, QCA9984, QCM2290, QCM4290, QCM6490, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6490, QCX315, QRB5165, QRB5165N, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD 8cx Gen2, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD7c, SD865 5G, SD870, SD888 5G, SDX24, SDX55, SDX55M, SDX57M, SDXR1, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, SM7325P, WCD9306, WCD9335, WCD9370, WCD9375, WCD9380, WCD9385, WCN3910, WCN3950, WCN3988, WCN3991, WCN3999, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835
CVE-2021-30287
CVE ID
CVE-2021-30287
Title
Reachable Assertion in MODEM
Description
Possible assertion due to improper validation of symbols configured for PDCCH monitoring
Technology Area
NR5G
Vulnerability Type
CWE-617 Reachable Assertion
Access Vector
Remote
Security Rating
High
CVSS Rating
High
CVSS Score
7.5
CVSS String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Date Reported
Internal
Customer Notified Date
07/05/2021
Affected Chipsets*
AR8035, QCA6390, QCA6391, QCA6426, QCA6436, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCX315, SA515M, SD 675, SD 8 Gen1 5G, SD480, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD865 5G, SD870, SD888, SDX55, SDX55M, SDX65, SDXR2 5G, SM6250, SM6250P, SM6375, SM7250P, SM7315, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
CVE-2021-30300
CVE ID
CVE-2021-30300
Title
Incorrect Type Conversion or Cast in Modem
Description
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration
Technology Area
LTE
Vulnerability Type
CWE-704 Incorrect Type Conversion or Cast
Access Vector
Remote
Security Rating
High
CVSS Rating
High
CVSS Score
7.5
CVSS String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Date Reported
Internal
Customer Notified Date
07/05/2021
Affected Chipsets*
APQ8009W, APQ8017, APQ8096AU, AR8035, CSRB31024, FSM10055, FSM10056, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9607, MDM9628, MDM9640, MSM8909W, MSM8996AU, QCA4004, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9367, QCA9377, QCM2290, QCM4290, QCS2290, QCS410, QCS4290, QCS610, QCX315, QSW8573, SA415M, SA515M, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD205, SD210, SD429, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD7c, SD850, SD865 5G, SD870, SDA429W, SDM429W, SDW2500, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, WCD9306, WCD9330, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3910, WCN3950, WCN3988, WCN3991, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835
CVE-2021-30301
CVE ID
CVE-2021-30301
Title
Uncontrolled Resource Consumption in Modem
Description
Possible denial of service due to out of memory while processing RRC and NAS OTA message
Technology Area
RFA
Vulnerability Type
CWE-400 Uncontrolled Resource Consumption (‘Resource Exhaustion’)
Access Vector
Remote
Security Rating
High
CVSS Rating
High
CVSS Score
7.5
CVSS String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Date Reported
Internal
Customer Notified Date
07/05/2021
Affected Chipsets*
AR8035, QCA6390, QCA6391, QCA6574A, QCA6595AU, QCA6696, QCA8081, QCA8337, QCX315, SA515M, SD 675, SD 8 Gen1 5G, SD480, SD675, SD678, SD690 5G, SD720G, SD730, SD765, SD765G, SD768G, SD865 5G, SD870, SDX55, SDX55M, SDX65, SM6250, SM6250P, SM6375, SM7250P, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
CVE-2021-30307
CVE ID
CVE-2021-30307
Title
Reachable Assertion in Data Modem
Description
Possible denial of service due to improper validation of DNS response when DNS client requests with PTR, NAPTR or SRV query type
Technology Area
Data Modem
Vulnerability Type
CWE-617 Reachable Assertion
Access Vector
Remote
Security Rating
High
CVSS Rating
High
CVSS Score
7.5
CVSS String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Date Reported
Internal
Customer Notified Date
07/05/2021
Affected Chipsets*
AR8035, CSRB31024, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6490, QCS2290, QCS410, QCS4290, QCS610, QCS6490, QCX315, SA415M, SA515M, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD7c, SD865 5G, SD870, SD888, SD888 5G, SDX24, SDX55, SDX55M, SDX65, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, SM7315, SM7325P, WCD9340, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835
CVE-2021-30308
CVE ID
CVE-2021-30308
Title
Buffer Copy Without Checking Size of Input in Modem
Description
Possible buffer overflow while printing the HARQ memory partition detail due to improper validation of buffer size
Technology Area
RFA
Vulnerability Type
CWE-120 Buffer Copy Without Checking Size of Input (‘Classic Buffer Overflow’)
Access Vector
Local
Security Rating
High
CVSS Rating
High
CVSS Score
7.8
CVSS String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Date Reported
03/28/2021
Customer Notified Date
07/05/2021
Affected Chipsets*
AQT1000, AR8035, CSRB31024, FSM10056, MDM9150, MDM9250, MDM9650, QCA6174A, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCS410, QCS603, QCS605, QCS610, QCX315, SA415M, SA515M, SD 675, SD 8 Gen1 5G, SD 8cx Gen2, SD480, SD660, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD7c, SD845, SD850, SD855, SD865 5G, SD870, SDX12, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM6250, SM6250P, SM6375, SM7250P, WCD9326, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
CVE-2021-30311
CVE ID
CVE-2021-30311
Title
Improper Input Validation in Modem
Description
Possible heap overflow due to lack of index validation before allocating and writing to heap buffer
Technology Area
NR5G
Vulnerability Type
CWE-20 Improper Input Validation
Access Vector
Local
Security Rating
High
CVSS Rating
High
CVSS Score
7.8
CVSS String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Date Reported
04/04/2021
Customer Notified Date
07/05/2021
Affected Chipsets*
AR8035, QCA6390, QCA6391, QCA6426, QCA6436, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCM6490, QCS6490, QCX315, SA515M, SD 675, SD 8 Gen1 5G, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDX55, SDX55M, SDX65, SDXR2 5G, SM6225, SM6250, SM6375, SM7250P, SM7315, SM7325P, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
CVE-2021-30330
CVE ID
CVE-2021-30330
Title
NULL Pointer Dereference in Video
Description
Possible null pointer dereference due to improper validation of APE clip
Technology Area
Video
Vulnerability Type
CWE-476 NULL Pointer Dereference
Access Vector
Remote
Security Rating
High
CVSS Rating
High
CVSS Score
7.5
CVSS String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Date Reported
Internal
Customer Notified Date
10/04/2021
Affected Chipsets*
APQ8009, APQ8009W, APQ8017, APQ8064AU, APQ8096AU, AR8031, CSRA6620, CSRA6640, FSM10055, FSM10056, MDM9206, MDM9250, MDM9607, MDM9628, MSM8909W, MSM8996AU, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595AU, QCA6696, QCA9367, QCA9377, QCM2290, QCM4290, QCM6490, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6490, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD205, SD210, SD429, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDM429W, SDW2500, SDX20, SDX55M, SDXR1, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, SM7315, SM7325P, WCD9330, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3910, WCN3950, WCN3988, WCN3991, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835
CVE-2021-30314
CVE ID
CVE-2021-30314
Title
Information Exposure in Telephony
Description
Lack of validation for third party application accessing the service can lead to information disclosure
Technology Area
Telephony
Vulnerability Type
CWE-200 Information Exposure
Access Vector
Local
Security Rating
Medium
CVSS Rating
Medium
CVSS Score
6.2
CVSS String
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Date Reported
03/18/2021
Customer Notified Date
07/05/2021
Affected Chipsets*
QCA6390, QCA6391, QCA6426, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCM2290, QCM4290, QCM6490, QCS2290, QCS4290, QCS603, QCS605, QCS610, QCS6490, Qualcomm215, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SD 8 Gen1 5G, SD205, SD210, SD460, SD480, SD662, SD665, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDX55M, SDXR2 5G, SM6225, SM6375, SM7250P, SM7315, SM7325P, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
*The list of affected chipsets may not be complete. For latest information, device OEMs can contact QTI directly at www.qualcomm.com/support.
Open Source Software Issues****The tables below summarize security vulnerabilities that were addressed through open source software
This table lists high impact security vulnerabilities. Patches have been released for affected products. OEMs have been notified and strongly recommended to release patches on end devices.
Public ID
Security Rating
CVSS Rating
Technology Area
Date Reported
CVE-2021-30319
High
High
WLAN HOST
04/22/2021
CVE-2021-30353
High
High
Audio
Internal
This table lists moderate security vulnerabilities. OEMs have been notified and encouraged to patch these issues.
Public ID
Security Rating
CVSS Rating
Technology Area
Date Reported
CVE-2021-30313
Medium
Medium
Connectivity
02/02/2021
CVE-2021-30319
CVE ID
CVE-2021-30319
Title
Integer Overflow or Wraparound in WLAN
Description
Possible integer overflow due to improper validation of command length parameters while processing WMI command
Technology Area
WLAN HOST
Vulnerability Type
CWE-190 Integer Overflow or Wraparound
Access Vector
Local
Security Rating
High
CVSS Rating
High
CVSS Score
7.8
CVSS String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Date Reported
04/22/2021
Customer Notified Date
10/04/2021
Affected Chipsets*
APQ8009, APQ8017, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM9150, MDM9206, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6175A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584, QCA6584AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9367, QCA9377, QCA9379, QCM2290, QCM4290, QCM6490, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6490, QCX315, QRB5165, QRB5165N, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD845, SD855, SD865 5G, SD870, SD888, SD888 5G, SDX12, SDX20, SDX24, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, SM7315, SM7325P, WCD9326, WCD9330, WCD9335, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3660B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
Patch**
- https://source.codeaurora.org/quic/le/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=82c4a394b75b4d5a6a6d0e1538a21af42a7483d9
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c3baa174ab2cafb6b65ba34d935eb24e56609cd3
CVE-2021-30353
CVE ID
CVE-2021-30353
Title
Reachable Assertion in Audio
Description
Improper validation of function pointer type with actual function signature can lead to assertion
Technology Area
Audio
Vulnerability Type
CWE-617 Reachable Assertion
Access Vector
Remote
Security Rating
High
CVSS Rating
High
CVSS Score
7.5
CVSS String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Date Reported
Internal
Customer Notified Date
10/04/2021
Affected Chipsets*
AR8031, AR8035, CSRA6620, CSRA6640, FSM10055, FSM10056, MDM9150, MSM8996AU, QCA6174A, QCA6390, QCA6391, QCA6426, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595AU, QCA6696, QCA8081, QCA8337, QCA9377, QCM2290, QCM4290, QCM6490, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6490, QCX315, QRB5165, QRB5165N, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD 8 Gen1 5G, SD205, SD210, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDM429W, SDX12, SDX55, SDX55M, SDX65, SDXR1, SDXR2 5G, SM6225, SM6250, SM6250P, SM6375, SM7250P, SM7315, SM7325P, WCD9335, WCD9360, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3910, WCN3950, WCN3988, WCN3991, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835
Patch**
- https://source.codeaurora.org/quic/le/platform/hardware/qcom/audio/commit/?id=af30f0103a50df510a71a12047b5c68b4e3b8a72
- https://source.codeaurora.org/quic/le/platform/hardware/qcom/audio/commit/?id=37a434f57bddfad4544102c4d15f93120bbac71d
CVE-2021-30313
CVE ID
CVE-2021-30313
Title
Use After Free in Wired Connectivity
Description
Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders
Technology Area
Connectivity
Vulnerability Type
CWE-416 Use After Free
Access Vector
Local
Security Rating
Medium
CVSS Rating
Medium
CVSS Score
6.7
CVSS String
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Date Reported
02/02/2021
Customer Notified Date
07/05/2021
Affected Chipsets*
APQ8096AU, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9150, PMP8074, QCA4024, QCA6174A, QCA6320, QCA6390, QCA6391, QCA6426, QCA6428, QCA6436, QCA6438, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCA7500, QCA8072, QCA8075, QCA8081, QCA8337, QCA9377, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9980, QCA9984, QCA9985, QCA9986, QCA9987, QCA9988, QCA9990, QCA9992, QCA9994, QCM2290, QCM4290, QCM6490, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5502, QCN5550, QCN6023, QCN6024, QCN6122, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6490, QRB5165, QRB5165N, QSM8250, Qualcomm215, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 8 Gen1 5G, SD205, SD210, SD460, SD480, SD662, SD665, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDX12, SDX55, SDX55M, SDX65, SDXR2 5G, SM6225, SM6375, SM7250P, SM7315, SM7325P, WCD9335, WCD9340, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3620, WCN3660B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
Patch**
- https://source.codeaurora.org/quic/le/kernel/msm-4.19/commit/?id=f181252f78036d1e5598fb618d2f3d2f47ba992c
* The list of affected chipsets may not be complete. For latest information, device OEMs can contact QTI directly at www.qualcomm.com/support.
** Data is generated only at the time of bulletin creation
Industry Coordination
Security ratings of issues included in Android security
bulletins and these bulletins match in the most common scenarios but may
differ in some cases due to one of the following reasons:
- Consideration of security protections such as SELinux not enforced on some platforms
- Differences in assessment of some specific
scenarios that involves local denial of service or privilege escalation
vulnerabilities in the high level OS kernel
Version History
Version
Date
Comments
1.0
January 4, 2022
Bulletin Published
All Qualcomm products mentioned herein are products of Qualcomm Technologies, Inc. and/or its subsidiaries.
Qualcomm is a trademark of Qualcomm Incorporated, registered in the United States and other countries. Other product and brand names may be trademarks or registered trademarks of their respective owners.
This technical data may be subject to U.S. and international export, re-export, or transfer (“export”) laws. Diversion contrary to U.S. and international law is strictly prohibited.
Qualcomm Technologies, Inc.
5775 Morehouse Drive
San Diego, CA 92121
U.S.A.
© 2019 Qualcomm Technologies, Inc. and/or its subsidiaries. All rights reserved.