Vulnerability Description
Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ar8031 Firmware | - |
| Qualcomm | Ar8031 | - |
| Qualcomm | Ar8035 Firmware | - |
| Qualcomm | Ar8035 | - |
| Qualcomm | Csra6620 Firmware | - |
| Qualcomm | Csra6620 | - |
| Qualcomm | Csra6640 Firmware | - |
| Qualcomm | Csra6640 | - |
| Qualcomm | Fsm10055 Firmware | - |
| Qualcomm | Fsm10055 | - |
| Qualcomm | Fsm10056 Firmware | - |
| Qualcomm | Fsm10056 | - |
| Qualcomm | Ipq8072A Firmware | - |
| Qualcomm | Ipq8072A | - |
| Qualcomm | Ipq8074A Firmware | - |
| Qualcomm | Ipq8074A | - |
| Qualcomm | Ipq8076A Firmware | - |
| Qualcomm | Ipq8076A | - |
| Qualcomm | Mdm9150 Firmware | - |
| Qualcomm | Mdm9150 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletPatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletPatchVendor Advisory
FAQ
What is CVE-2021-30298?
CVE-2021-30298 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon I...
How severe is CVE-2021-30298?
CVE-2021-30298 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-30298?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar8031 Firmware, Qualcomm Ar8031, Qualcomm Ar8035 Firmware, Qualcomm Ar8035, Qualcomm Csra6620 Firmware.