Vulnerability Description
Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Qca6174A Firmware | - |
| Qualcomm | Qca6174A | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Qca9377 Firmware | - |
| Qualcomm | Qca9377 | - |
| Qualcomm | Qcm6125 Firmware | - |
| Qualcomm | Qcm6125 | - |
| Qualcomm | Qcs410 Firmware | - |
| Qualcomm | Qcs410 | - |
| Qualcomm | Qcs603 Firmware | - |
| Qualcomm | Qcs603 | - |
| Qualcomm | Qcs605 Firmware | - |
| Qualcomm | Qcs605 | - |
| Qualcomm | Qcs610 Firmware | - |
| Qualcomm | Qcs610 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletVendor Advisory
FAQ
What is CVE-2021-30309?
CVE-2021-30309 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
How severe is CVE-2021-30309?
CVE-2021-30309 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-30309?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9650 Firmware, Qualcomm Mdm9650, Qualcomm Qca6174A Firmware, Qualcomm Qca6174A, Qualcomm Qca6390 Firmware.