Sign-up

ID

VAR-202109-0569


CVE

CVE-2021-30295


TITLE

plural  Qualcomm  Classic buffer overflow vulnerability in the product

Trust: 0.8

sources: JVNDB: JVNDB-2021-011483

DESCRIPTION

Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. plural Qualcomm The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.25

sources: NVD: CVE-2021-30295 // JVNDB: JVNDB-2021-011483 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-30295

AFFECTED PRODUCTS

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd678scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd210scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fsm10055scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd730scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd690 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm2290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd845scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx12scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:fsm10056scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8017scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8917scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs405scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd429scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd720gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8053scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd670scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd778gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm4290scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8953scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd205scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd750gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8031scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd710scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qrb5165scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3910scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa515mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 675scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qualcomm215scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcx315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csrb31024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa415mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:mdm9150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd665scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sda429wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs603scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm4125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd662scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:csra6620scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8053scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csrb31024scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fsm10055scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csra6640scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8031scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:mdm9150scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8017scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:fsm10056scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-011483 // NVD: CVE-2021-30295

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-30295
value: HIGH

Trust: 1.8

product-security@qualcomm.com: CVE-2021-30295
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202109-255
value: HIGH

Trust: 0.6

VULMON: CVE-2021-30295
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2021-30295
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.9

NVD:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

product-security@qualcomm.com:
baseSeverity: HIGH
baseScore: 8.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.5
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-30295
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-30295 // JVNDB: JVNDB-2021-011483 // NVD: CVE-2021-30295 // NVD: CVE-2021-30295 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-255

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-011483 // NVD: CVE-2021-30295

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202109-255

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2021-30295

PATCH
title:September 2021 Security Bulletinurl:https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2021-bulletin.html
Trust: 0.8
title:Qualcomm chip Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=162555
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2021-011483 // 
            
            
            
            CNNVD: CNNVD-202109-255

EXTERNAL IDS
db:NVDid:CVE-2021-30295
Trust: 3.3
db:JVNDBid:JVNDB-2021-011483
Trust: 0.8
db:CS-HELPid:SB2021041363
Trust: 0.6
db:CNNVDid:CNNVD-202104-975
Trust: 0.6
db:CS-HELPid:SB2021090616
Trust: 0.6
db:CNNVDid:CNNVD-202109-255
Trust: 0.6
db:VULMONid:CVE-2021-30295
Trust: 0.1
sources:
            
            
            VULMON: CVE-2021-30295 // 
            
            
            
            JVNDB: JVNDB-2021-011483 // 
            
            
            
            NVD: CVE-2021-30295 // 
            
            
            
            CNNVD: CNNVD-202104-975 // 
            
            
            
            CNNVD: CNNVD-202109-255

REFERENCES
url:https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2021-30295
Trust: 1.4
url:https://www.cybersecurity-help.cz/vdb/sb2021041363
Trust: 0.6
url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-september-2021-36342
Trust: 0.6
url:https://www.cybersecurity-help.cz/vdb/sb2021090616
Trust: 0.6
url:https://source.android.com/security/bulletin/2021-09-01
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/120.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULMON: CVE-2021-30295 // 
            
            
            
            JVNDB: JVNDB-2021-011483 // 
            
            
            
            NVD: CVE-2021-30295 // 
            
            
            
            CNNVD: CNNVD-202104-975 // 
            
            
            
            CNNVD: CNNVD-202109-255

SOURCES
db:VULMONid:CVE-2021-30295
db:JVNDBid:JVNDB-2021-011483
db:NVDid:CVE-2021-30295
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202109-255

LAST UPDATE DATE
2023-12-18T10:45:17.533000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2021-30295date:2021-09-15T00:00:00
db:JVNDBid:JVNDB-2021-011483date:2022-08-03T04:56:00
db:NVDid:CVE-2021-30295date:2021-09-15T20:32:16.817
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202109-255date:2021-09-18T00:00:00

SOURCES RELEASE DATE
db:VULMONid:CVE-2021-30295date:2021-09-09T00:00:00
db:JVNDBid:JVNDB-2021-011483date:2022-08-03T00:00:00
db:NVDid:CVE-2021-30295date:2021-09-09T08:15:28.103
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202109-255date:2021-09-06T00:00:00