Sign-up

ID

VAR-202203-0003


CVE

CVE-2021-35103


TITLE

Out-of-bounds write vulnerability in multiple Qualcomm products

Trust: 0.8

sources: JVNDB: JVNDB-2021-019208

DESCRIPTION

Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking. AR8035 firmware, AR9380 firmware, CSR8811 Several Qualcomm products, such as firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2021-35103 // JVNDB: JVNDB-2021-019208

IOT TAXONOMY

category:['other device', 'embedded device']sub_category:SoC

Trust: 0.1

category:['other device', 'embedded device']sub_category:general

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:qualcommmodel:sdx65scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq4018scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6554ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6850scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq4029scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8074ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9889scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9886scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd780gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8078scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6391scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5054scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5021scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9072scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca4024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9385scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5124scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7250pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5022scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7325pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6851scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5122scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd765scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8068scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6426scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6112scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq6018scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq4019scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8064scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8070scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmp8074scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6696scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdxr2 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3991scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6122scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8173scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9880scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq4028scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8078ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd870scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9992scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq6010scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8076scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8065scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9370scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca7500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csr8811scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6375scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5164scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa415mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8145pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9022scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd662scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9898scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa515mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6750scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8081scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5154scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8174scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcm6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8075scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8195pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6102scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6132scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csrb31024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8076ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9074scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd480scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm7315scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa8150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6595auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5152scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6125scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa4155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6856scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qrb5165scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8072scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd865 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9011scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq6028scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sm6225scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9012scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qrb5165nscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8035scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3988scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd888 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd 8 gen1 5gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9985scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qrb5165mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd778gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs6490scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9994scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq5028scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9984scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5052scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn6023scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sw5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn6740scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6436scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8072ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8070ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq5018scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq8071ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa6155scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd768gscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx55scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn5024scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sa4150pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcn9070scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ipq5010scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:ipq4019scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csr8811scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar9380scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ipq5018scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8035scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ipq4018scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ipq4029scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:csrb31024scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ipq5010scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ipq4028scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-019208 // NVD: CVE-2021-35103

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-35103
value: HIGH

Trust: 1.0

product-security@qualcomm.com: CVE-2021-35103
value: HIGH

Trust: 1.0

NVD: CVE-2021-35103
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202203-578
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-35103
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2021-35103
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2021-35103
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-019208 // CNNVD: CNNVD-202203-578 // NVD: CVE-2021-35103 // NVD: CVE-2021-35103

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-019208 // NVD: CVE-2021-35103

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202203-578

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202203-578

PATCH

title:Multiple Qualcomm Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185013

Trust: 0.6

sources: CNNVD: CNNVD-202203-578

EXTERNAL IDS

db:NVDid:CVE-2021-35103

Trust: 3.3

db:JVNDBid:JVNDB-2021-019208

Trust: 0.8

db:CS-HELPid:SB2022030719

Trust: 0.6

db:CS-HELPid:SB2022030801

Trust: 0.6

db:AUSCERTid:ESB-2022.0953

Trust: 0.6

db:CNNVDid:CNNVD-202203-578

Trust: 0.6

db:OTHERid:NONE

Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2021-019208 // CNNVD: CNNVD-202203-578 // NVD: CVE-2021-35103

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2021-35103

Trust: 0.8

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-march-2022-37726

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022030801

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022030719

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-35103/

Trust: 0.6

url:https://source.android.com/security/bulletin/2022-03-01

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0953

Trust: 0.6

url:https://ieeexplore.ieee.org/abstract/document/10769424

Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2021-019208 // CNNVD: CNNVD-202203-578 // NVD: CVE-2021-35103

SOURCES

db:OTHERid: -
db:JVNDBid:JVNDB-2021-019208
db:CNNVDid:CNNVD-202203-578
db:NVDid:CVE-2021-35103

LAST UPDATE DATE

2025-01-30T22:05:58.781000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2021-019208date:2023-07-19T08:29:00
db:CNNVDid:CNNVD-202203-578date:2022-04-11T00:00:00
db:NVDid:CVE-2021-35103date:2023-04-19T17:10:55.030

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2021-019208date:2023-07-19T00:00:00
db:CNNVDid:CNNVD-202203-578date:2022-03-07T00:00:00
db:NVDid:CVE-2021-35103date:2022-04-01T05:15:07.463