Vulnerability Description
Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8017 Firmware | - |
| Qualcomm | Apq8017 | - |
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Msm8917 Firmware | - |
| Qualcomm | Msm8917 | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Qca6421 Firmware | - |
| Qualcomm | Qca6421 | - |
| Qualcomm | Qca6426 Firmware | - |
| Qualcomm | Qca6426 | - |
| Qualcomm | Qca6431 Firmware | - |
| Qualcomm | Qca6431 | - |
| Qualcomm | Qca6436 Firmware | - |
| Qualcomm | Qca6436 | - |
| Qualcomm | Qca6574A Firmware | - |
| Qualcomm | Qca6574A | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletVendor Advisory
FAQ
What is CVE-2021-1981?
CVE-2021-1981 is a vulnerability with a CVSS score of 7.5 (HIGH). Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IO...
How severe is CVE-2021-1981?
CVE-2021-1981 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1981?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8017 Firmware, Qualcomm Apq8017, Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Msm8917 Firmware.