Vulnerability Description
Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Qca6174A Firmware | - |
| Qualcomm | Qca6174A | - |
| Qualcomm | Qca6574 Firmware | - |
| Qualcomm | Qca6574 | - |
| Qualcomm | Qca6574A Firmware | - |
| Qualcomm | Qca6574A | - |
| Qualcomm | Qca6574Au Firmware | - |
| Qualcomm | Qca6574Au | - |
| Qualcomm | Qca6595Au Firmware | - |
| Qualcomm | Qca6595Au | - |
| Qualcomm | Qca6696 Firmware | - |
| Qualcomm | Qca6696 | - |
| Qualcomm | Qca9377 Firmware | - |
| Qualcomm | Qca9377 | - |
| Qualcomm | Qcm6490 Firmware | - |
| Qualcomm | Qcm6490 | - |
| Qualcomm | Qcs6490 Firmware | - |
| Qualcomm | Qcs6490 | - |
| Qualcomm | Sa6145P Firmware | - |
| Qualcomm | Sa6145P | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/september-2021-bullePatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/september-2021-bullePatchVendor Advisory
FAQ
What is CVE-2021-30294?
CVE-2021-30294 is a vulnerability with a CVSS score of 8.4 (HIGH). Potential null pointer dereference in KGSL GPU auxiliary command due to improper validation of user input in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
How severe is CVE-2021-30294?
CVE-2021-30294 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-30294?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Qca6174A Firmware, Qualcomm Qca6174A, Qualcomm Qca6574 Firmware, Qualcomm Qca6574, Qualcomm Qca6574A Firmware.