Skip to main content

Qca9898 Firmware CVE-2021-1909

HIGH
Classic Buffer Overflow (CWE-120)
2021-09-09 product-security@qualcomm.com
Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Qca9888 Firmware Ipq8078a Firmware Ipq4019 Firmware Ipq8074a Firmware Qcn6122 Firmware Qca9990 Firmware Qca9984 Firmware Qcn5122 Firmware Qca9980 Firmware Qcn9074 Firmware Ipq8072a Firmware Ipq8076a Firmware Qca7500 Firmware Qca9889 Firmware Ipq4029 Firmware Qcn9070 Firmware Qcn9000 Firmware Ipq8076 Firmware Qcn9072 Firmware Ipq8070 Firmware Ipq8074 Firmware Ipq8072 Firmware Ipq8068 Firmware Qcn5022 Firmware Qca9985 Firmware Ipq8078 Firmware Ipq8070a Firmware Ipq8173 Firmware Ipq6018 Firmware Ipq8174 Firmware Qcs6125 Firmware Qcn5052 Firmware Ipq6000 Firmware Qca9886 Firmware Qcn5154 Firmware Qcn6023 Firmware Sd855 Firmware Ipq5028 Firmware Ipq4028 Firmware Qcn5054 Firmware Ipq6010 Firmware Qcn9100 Firmware Qca8072 Firmware Qca9994 Firmware Csr8811 Firmware Ipq5010 Firmware Ipq8071a Firmware Qcs610 Firmware Fsm10056 Firmware Sdx55 Firmware Qcn9022 Firmware Ar9380 Firmware Qcn5152 Firmware Qca6428 Firmware Qcn5124 Firmware Qca9992 Firmware Qca6438 Firmware Qcn5024 Firmware Ipq8071 Firmware Ipq8065 Firmware Qca9880 Firmware Ipq4018 Firmware Qca9531 Firmware Sm6250p Firmware Qcn5021 Firmware Mdm9225M Firmware Sd 455 Firmware Pmp8074 Firmware Apq8037 Firmware Qca6320 Firmware Sdx24 Firmware Msm8608 Firmware Wcn6855 Firmware Ar7420 Firmware Qca6426 Firmware Pm8937 Firmware Qcn5064 Firmware Sd821 Firmware Fsm9910 Firmware Fsm10055 Firmware Ipq8064 Firmware Qca6164 Firmware Wcn3610 Firmware Fsm9950 Firmware Qca6310 Firmware Ar3012 Firmware Qca6234 Firmware Ipq8066 Firmware Mdm9625M Firmware Mdm9330 Firmware Mdm9230 Firmware Apq8064au Firmware Qca1990 Firmware Mdm9630 Firmware Sd675 Firmware Mdm9650 Firmware Qca6175A Firmware Qcm4290 Firmware Qca4004 Firmware Sd730 Firmware Sd888 Firmware Qsw8573 Firmware Sdx20m Firmware Ipq6005 Firmware Fsm9900 Firmware Fsm9905 Firmware Qsm8250 Firmware Wcn3680 Firmware Sd460 Firmware Msm8108 Firmware Sc8180X Sdx55 Firmware Ipq8069 Firmware Sd 636 Firmware Apq8084 Firmware Fsm9955 Firmware Mdm9225 Firmware Fsm9916 Firmware Sd 675 Firmware Sd835 Firmware Wcn6856 Firmware Qca6694 Firmware Mdm9635M Firmware Sm4125 Firmware Ipq8062 Firmware Qcn5121 Firmware Qca6431 Firmware Apq8017 Firmware Sd670 Firmware Qcn5550 Firmware Qca6174 Firmware Wcn6750 Firmware Apq8076 Firmware Msm8909W Firmware Qcn7605 Firmware Sd820 Firmware Msm8209 Firmware Qca6335 Firmware Fsm9915 Firmware Mdm9235M Firmware Sd 8cx Firmware Qca9379 Firmware Wcn3660 Firmware Wcn3999 Firmware Wcd9306 Firmware Mdm9645 Firmware Qsm8350 Firmware Qca6436 Firmware Qca6421 Firmware Msm8996au Firmware Mdm9625 Firmware Qcn7606 Firmware Wcn3910 Firmware Wsa8815 Firmware Qcs6490 Firmware Wcn6740 Firmware Qcs410 Firmware Mdm9150 Firmware Qcs605 Firmware Wcd9371 Firmware Sd662 Firmware Qca4020 Firmware Qcs405 Firmware Qualcomm Sd865 5g Firmware Qca6564 Firmware Wcn3620 Firmware Qca6564a Firmware Mdm9628 Firmware Csrb31024 Firmware Wcn3660b Firmware Qca9377 Firmware Sdm429w Firmware Qcn6024 Firmware Qca9367 Firmware Sa6155 Firmware Sa8155 Firmware Qcn9024 Firmware Wcd9360 Firmware Mdm9640 Firmware Sm6250 Firmware Qca6584 Firmware Wcd9330 Firmware Mdm8207 Firmware Qcs4290 Firmware Sa6145p Firmware Mdm9250 Firmware Sa6150p Firmware Ar8035 Firmware Sa8155p Firmware Qca6391 Firmware Csra6640 Firmware Qca6595au Firmware Qca6584au Firmware Qca8081 Firmware Sa6155p Firmware Qcm2290 Firmware Qca6564au Firmware Qca6696 Firmware Wsa8830 Firmware Wcn3988 Firmware Qca6574 Firmware Qcn9012 Firmware Sa8145p Firmware Sa8195p Firmware Qca6595 Firmware Qcm6125 Firmware Wcd9370 Firmware Aqt1000 Firmware Qca6574au Firmware Wsa8835 Firmware Wcd9375 Firmware Qca8337 Firmware Wcd9340 Firmware Wcn3950 Firmware Wcd9385 Firmware Sa8150p Firmware Qca6174a Firmware Csra6620 Firmware Qcs2290 Firmware Ar8031 Firmware Qcm6490 Firmware Wcd9380 Firmware Qca6420 Firmware Qca6574a Firmware Qca6430 Firmware Mdm9205 Firmware Apq8053 Firmware Apq8009 Firmware Msm8920 Firmware Msm8940 Firmware Msm8953 Firmware Apq8016 Firmware Apq8064 Firmware Qca6390 Firmware Mdm9206 Firmware Mdm9607 Firmware Apq8096Au Firmware Sdm630 Firmware Qca9378 Firmware Mdm9655 Firmware Sdx20 Firmware Msm8976 Firmware Msm8917 Firmware Qca9558 Firmware Msm8937 Firmware Msm8952 Firmware Sd210 Firmware Sd205 Firmware Sd450 Firmware Sd845 Firmware Sd850 Firmware Sa415M Firmware Sa515M Firmware Ipq5018 Firmware Qrb5165 Firmware Sdx55M Firmware Sm7250 Firmware Apq8009W Firmware Mdm9207 Firmware Msm8208 Firmware Qcs603 Firmware Sda429W Firmware Sdm830 Firmware Sdw2500 Firmware Sdx50M Firmware Apq8052 Firmware Apq8056 Firmware Msm8956 Firmware Msm8976Sg Firmware Sd429 Firmware Csr6030 Firmware Mdm9626 Firmware Sd 8C Firmware Sd665 Firmware Sd690 5G Firmware Sd712 Firmware Sd720G Firmware Sd750G Firmware Sd765 Firmware Sd765G Firmware Sd768G Firmware Sd7C Firmware Sd888 5G Firmware Sdxr1 Firmware Sdxr2 5G Firmware Wcn3991 Firmware Wcn3998 Firmware Wcn6850 Firmware Wcn6851 Firmware Whs9410 Firmware Qualcomm215 Firmware Apq8062 Firmware Mdm8635M Firmware Msm8962 Firmware Pmd9635 Firmware Qca6694Au Firmware Qfe1100 Firmware Sd632 Firmware Wcn3660A Firmware Msm8916 Firmware Qca9561 Firmware Qca9882 Firmware Qca9887 Firmware Qca9890 Firmware Qca9982 Firmware Qca9987 Firmware Qfe1922 Firmware Qfe1952 Firmware Wtr3925L Firmware Qca7520 Firmware Qca7550 Firmware Qcn3018 Firmware Sd678 Firmware Sd870 Firmware Sd480 Firmware Ar9580 Firmware Qca10901 Firmware Sd778G Firmware Sd780G Firmware Sc8280Xp Firmware Sm7325 Firmware Sdx12 Firmware Qcx315 Firmware Buffer Overflow
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 09, 2021 - 08:15 nvd
HIGH 7.8

DescriptionNVD

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

AnalysisAI

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Affected products include: Qualcomm Apq8009 Firmware, Qualcomm Apq8009W Firmware, Qualcomm Apq8016 Firmware, Qualcomm Apq8017 Firmware, Qualcomm Apq8037 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

CVE-2024-21473 CRITICAL
9.8 Apr 01

Memory corruption while redirecting log file to any file location with any file name. Rated critical severity (CVSS 9.8)

CVE-2023-33083 CRITICAL
9.8 Dec 05

Memory corruption in WLAN Host while processing RRM beacon on the AP. Rated critical severity (CVSS 9.8), this vulnerabi

CVE-2023-33082 CRITICAL
9.8 Dec 05

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Rated critical seve

CVE-2022-25748 CRITICAL
9.8 Oct 19

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (

CVE-2021-1976 CRITICAL
9.8 Sep 17

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snap

CVE-2021-1972 CRITICAL
9.8 Sep 08

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Com

CVE-2021-1965 CRITICAL POC
9.8 Jul 13

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdrago

CVE-2021-1980 CRITICAL
9.1 Oct 20

Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Co

CVE-2025-47339 HIGH
7.8 Jan 07

Memory corruption while deinitializing a HDCP session. [CVSS 7.8 HIGH]

CVE-2024-23368 HIGH
7.8 Jul 01

Memory corruption when allocating and accessing an entry in an SMEM partition. Rated high severity (CVSS 7.8), this vuln

CVE-2023-33063 HIGH
7.8 Dec 05

Memory corruption in DSP Services during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerabil

CVE-2023-28539 HIGH
7.8 Oct 03

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CV

Share

CVE-2021-1909 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy