Vulnerability Description
Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8009 Firmware | - |
| Qualcomm | Apq8009 | - |
| Qualcomm | Apq8009W Firmware | - |
| Qualcomm | Apq8009W | - |
| Qualcomm | Apq8017 Firmware | - |
| Qualcomm | Apq8017 | - |
| Qualcomm | Apq8037 Firmware | - |
| Qualcomm | Apq8037 | - |
| Qualcomm | Apq8096Au Firmware | - |
| Qualcomm | Apq8096Au | - |
| Qualcomm | Ar6003 Firmware | - |
| Qualcomm | Ar6003 | - |
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Csr6030 Firmware | - |
| Qualcomm | Csr6030 | - |
| Qualcomm | Csrb31024 Firmware | - |
| Qualcomm | Csrb31024 | - |
| Qualcomm | Fsm10055 Firmware | - |
| Qualcomm | Fsm10055 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletVendor Advisory
FAQ
What is CVE-2021-1975?
CVE-2021-1975 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indust...
How severe is CVE-2021-1975?
CVE-2021-1975 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-1975?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8009 Firmware, Qualcomm Apq8009, Qualcomm Apq8009W Firmware, Qualcomm Apq8009W, Qualcomm Apq8017 Firmware.