CVE-2021-35115

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2021-35115
Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:qualcomm:ar6003_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:ar6003:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:qualcomm:mdm8215_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8215:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:qualcomm:mdm8215m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8215m:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:qualcomm:mdm8615m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm8615m:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:qualcomm:mdm9215_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9215:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:qualcomm:mdm9310_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9310:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:qualcomm:mdm9615m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:mdm9615m:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*
Information

Published : 2022-03-31 22:15

Updated : 2022-04-08 17:30

NVD link : CVE-2021-35115

Mitre link : CVE-2021-35115

JSON object : View

CWE
CWE-416

Use After Free

Advertisement

dedicated server usa
Products Affected

qualcomm

  • qca6574a_firmware
  • sa6150p_firmware
  • qca6696
  • ar6003_firmware
  • qca6574au
  • sa8540p
  • qca6584au_firmware
  • mdm8215m
  • mdm9615m_firmware
  • qca6574a
  • qca6696_firmware
  • sa8145p
  • qca6564au_firmware
  • sa9000p
  • sa8145p_firmware
  • mdm9215_firmware
  • qca6564a
  • qca6564a_firmware
  • sa8155p_firmware
  • sa6145p_firmware
  • sa8155p
  • mdm9615_firmware
  • mdm9310_firmware
  • mdm8215_firmware
  • mdm9615m
  • sa6145p
  • qca6574au_firmware
  • ar6003
  • sdx55_firmware
  • sdx55m
  • sa6155p
  • qca6584au
  • sa6155p_firmware
  • sa8150p_firmware
  • mdm9215
  • msm8996au_firmware
  • sa8195p
  • wcd9341_firmware
  • sa8150p
  • mdm8615m_firmware
  • sa8195p_firmware
  • sdx55
  • sdx55m_firmware
  • mdm8215
  • sa8540p_firmware
  • mdm8615m
  • qca6564au
  • apq8096au
  • mdm9310
  • sa6150p
  • wcd9341
  • sa9000p_firmware
  • mdm8215m_firmware
  • mdm9615
  • msm8996au
  • apq8096au_firmware