Vulnerability Description
Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Aqt1000 Firmware | - |
| Qualcomm | Aqt1000 | - |
| Qualcomm | Qca6390 Firmware | - |
| Qualcomm | Qca6390 | - |
| Qualcomm | Qca6391 Firmware | - |
| Qualcomm | Qca6391 | - |
| Qualcomm | Qca6420 Firmware | - |
| Qualcomm | Qca6420 | - |
| Qualcomm | Qca6421 Firmware | - |
| Qualcomm | Qca6421 | - |
| Qualcomm | Qca6426 Firmware | - |
| Qualcomm | Qca6426 | - |
| Qualcomm | Qca6430 Firmware | - |
| Qualcomm | Qca6430 | - |
| Qualcomm | Qca6431 Firmware | - |
| Qualcomm | Qca6431 | - |
| Qualcomm | Qca6436 Firmware | - |
| Qualcomm | Qca6436 | - |
| Qualcomm | Qcm6490 Firmware | - |
| Qualcomm | Qcm6490 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletinVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletinVendor Advisory
FAQ
What is CVE-2021-35090?
CVE-2021-35090 is a vulnerability with a CVSS score of 9.3 (CRITICAL). Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrago...
How severe is CVE-2021-35090?
CVE-2021-35090 has been rated CRITICAL with a CVSS base score of 9.3/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-35090?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Qca6390 Firmware, Qualcomm Qca6390, Qualcomm Qca6391 Firmware.