CVE-2021-1947

CVSS V2 High 7.2 CVSS V3 High 7.8
Description
Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Overview
  • CVE ID
  • CVE-2021-1947
  • Assigner
  • product-security@qualcomm.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2021-09-17T07:15:08
  • Last Modified Date
  • 2021-09-28T14:07:05
Weakness Enumerations
CWE URL
CWE-416 http://cwe.mitre.org/data/definitions/416.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:qualcomm:apq8009w_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:ar9380_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:ar9380:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:ipq8065_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:ipq8065:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:ipq8068_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:ipq8068:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:ipq8069_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:ipq8069:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9531_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9531:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9558_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9558:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9561_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9561:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9563_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9563:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9880_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9880:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9882_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9882:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9886_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9886:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9887_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9887:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9896_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9896:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9898_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9898:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9980_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9980:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9982_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9982:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9984:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9990_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9990:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9992_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9992:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9994_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9994:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcs6125_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcs6125:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qet4101_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qet4101:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qrb5165_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qrb5165:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qsw8573_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qsw8573:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd429_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd429:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd660_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd665_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd665:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd750g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd870_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd870:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sda429w_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sda429w:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sdm830_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sdm830:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm4125_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm7250_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm7250:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9326_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3615_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3990_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:L/AC:L/Au:N/C:C/I:C/A:C
  • Access Vector
  • LOCAL
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 7.2
  • Severity
  • HIGH
  • Exploitability Score
  • 3.9
  • Impact Score
  • 10
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • LOCAL
  • Attack Compatibility
  • LOW
  • Privileges Required
  • LOW
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 7.8
  • Base Severity
  • HIGH
  • Exploitability Score
  • 1.8
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin Patch Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2021-1947
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1947
History
Created Old Value New Value Data Type Notes
2022-05-10 06:53:12 Added to TrackCVE
2022-12-05 10:48:37 security.cna@qualcomm.com product-security@qualcomm.com CVE Assigner updated
2022-12-05 10:48:37 2021-09-17T07:15Z 2021-09-17T07:15:08 CVE Published Date updated
2022-12-05 10:48:37 2021-09-28T14:07:05 CVE Modified Date updated
2022-12-05 10:48:37 Analyzed Vulnerability Status updated