Vulnerability Description
Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Apq8053 Firmware | - |
| Qualcomm | Apq8053 | - |
| Qualcomm | Msm8953 Firmware | - |
| Qualcomm | Msm8953 | - |
| Qualcomm | Qca6174A Firmware | - |
| Qualcomm | Qca6174A | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Qca6426 Firmware | - |
| Qualcomm | Qca6426 | - |
| Qualcomm | Qca6574 Firmware | - |
| Qualcomm | Qca6574 | - |
| Qualcomm | Qca6574A Firmware | - |
| Qualcomm | Qca6574A | - |
| Qualcomm | Qca6574Au Firmware | - |
| Qualcomm | Qca6574Au | - |
| Qualcomm | Qca6595Au Firmware | - |
| Qualcomm | Qca6595Au | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletiPatchVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletiPatchVendor Advisory
FAQ
What is CVE-2021-30306?
CVE-2021-30306 is a vulnerability with a CVSS score of 8.4 (HIGH). Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
How severe is CVE-2021-30306?
CVE-2021-30306 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-30306?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Apq8053 Firmware, Qualcomm Apq8053, Qualcomm Msm8953 Firmware, Qualcomm Msm8953, Qualcomm Qca6174A Firmware.