Vulnerability Description
Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8009W Firmware | - |
| Qualcomm | Apq8009W | - |
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Msm8909W Firmware | - |
| Qualcomm | Msm8909W | - |
| Qualcomm | Qca4020 Firmware | - |
| Qualcomm | Qca4020 | - |
| Qualcomm | Qca6174A Firmware | - |
| Qualcomm | Qca6174A | - |
| Qualcomm | Qca6420 Firmware | - |
| Qualcomm | Qca6420 | - |
| Qualcomm | Qca6430 Firmware | - |
| Qualcomm | Qca6430 | - |
| Qualcomm | Qca9379 Firmware | - |
| Qualcomm | Qca9379 | - |
| Qualcomm | Qualcomm215 Firmware | - |
| Qualcomm | Qualcomm215 | - |
| Qualcomm | Sd 675 Firmware | - |
| Qualcomm | Sd 675 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletinPatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletinPatchVendor Advisory
FAQ
What is CVE-2021-1899?
CVE-2021-1899 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
How severe is CVE-2021-1899?
CVE-2021-1899 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1899?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8009W Firmware, Qualcomm Apq8009W, Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Msm8909W Firmware.