CVE-2021-35074

CVSS V2 High 7.2 CVSS V3 High 7.8
Description
Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Overview
  • CVE ID
  • CVE-2021-35074
  • Assigner
  • product-security@qualcomm.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-02-11T11:15:08
  • Last Modified Date
  • 2023-04-19T17:10:55
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sdx12_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sdx12:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sdx65:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:sm6375_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:sm6375:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:L/AC:L/Au:N/C:C/I:C/A:C
  • Access Vector
  • LOCAL
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 7.2
  • Severity
  • HIGH
  • Exploitability Score
  • 3.9
  • Impact Score
  • 10
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • LOCAL
  • Attack Compatibility
  • LOW
  • Privileges Required
  • LOW
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 7.8
  • Base Severity
  • HIGH
  • Exploitability Score
  • 1.8
  • Impact Score
  • 5.9
References
History
Created Old Value New Value Data Type Notes
2022-05-10 06:32:16 Added to TrackCVE
2022-12-06 09:25:49 security.cna@qualcomm.com product-security@qualcomm.com CVE Assigner updated
2022-12-06 09:25:49 2022-02-11T11:15Z 2022-02-11T11:15:08 CVE Published Date updated
2022-12-06 09:25:50 2022-02-18T19:54:10 CVE Modified Date updated
2022-12-06 09:25:50 Analyzed Vulnerability Status updated
2023-04-19 18:09:00 2023-04-19T17:10:55 CVE Modified Date updated