Skip to main content

Sm7250p Firmware CVE-2021-1910

CRITICAL
Double Free (CWE-415)
2021-05-07 product-security@qualcomm.com
Sm7250p Firmware Qcs6125 Firmware Sd855 Firmware Qcs610 Firmware Fsm10056 Firmware Sd660 Firmware Sdx55 Firmware Sm6250p Firmware Qca6320 Firmware Wcn6855 Firmware Qca6426 Firmware Pm8937 Firmware Fsm10055 Firmware Wcn3610 Firmware Qca6310 Firmware Apq8064au Firmware Sd675 Firmware Mdm9650 Firmware Qcm4290 Firmware Sd730 Firmware Sd888 Firmware Qsw8573 Firmware Sdx20m Firmware Wcn3680 Firmware Sd460 Firmware Sd835 Firmware Wcn6856 Firmware Sm4125 Firmware Qca6431 Firmware Apq8017 Firmware Sd670 Firmware Wcn6750 Firmware Msm8909W Firmware Qca6335 Firmware Qca9379 Firmware Wcn3660 Firmware Wcn3999 Firmware Qet4101 Firmware Qca6436 Firmware Qca6421 Firmware Msm8996au Firmware Wcn3910 Firmware Wsa8815 Firmware Wcn6740 Firmware Qcs410 Firmware Qcs605 Firmware Wcd9371 Firmware Sd662 Firmware Qca4020 Firmware Qcs405 Firmware Qualcomm Wcn3615 Firmware Wcd9326 Firmware Qca6564 Firmware Wcn3620 Firmware Qca6564a Firmware Wcn3660b Firmware Qca9377 Firmware Sdm429w Firmware Qca9367 Firmware Wcn3680b Firmware Sa6155 Firmware Sa8155 Firmware Sm6250 Firmware Wcd9330 Firmware Qcs4290 Firmware Sa6145p Firmware Sa6150p Firmware Sa8155p Firmware Qca6391 Firmware Csra6640 Firmware Qca6595au Firmware Sa6155p Firmware Qcm2290 Firmware Qca6564au Firmware Qca6696 Firmware Wsa8810 Firmware Wsa8830 Firmware Wcn3988 Firmware Qca6574 Firmware Wcn3980 Firmware Sa8195p Firmware Qcm6125 Firmware Wcd9370 Firmware Wcd9335 Firmware Aqt1000 Firmware Qca6574au Firmware Wsa8835 Firmware Wcd9375 Firmware Wcd9340 Firmware Wcn3950 Firmware Wcd9385 Firmware Sa8150p Firmware Qca6174a Firmware Wcn3990 Firmware Wcd9341 Firmware Csra6620 Firmware Qcs2290 Firmware Ar8031 Firmware Wcd9380 Firmware Qca6420 Firmware Qca6574a Firmware Qca6430 Firmware Pmr735A Firmware Pmr735B Firmware Apq8053 Firmware Apq8009 Firmware Msm8953 Firmware Qca6390 Firmware Pmx20 Firmware Mdm9206 Firmware Apq8096Au Firmware Sdm630 Firmware Sdx20 Firmware Msm8917 Firmware Sd210 Firmware Sd205 Firmware Sd450 Firmware Sd845 Firmware Sdx55M Firmware Apq8009W Firmware Qcs603 Firmware Sda429W Firmware Sdm830 Firmware Sdw2500 Firmware Sdx50M Firmware Sd429 Firmware Sd439 Firmware Ar8151 Firmware Pm3003A Firmware Pm4125 Firmware Pm456 Firmware Pm6125 Firmware Pm6150 Firmware Pm6150A Firmware Pm6150L Firmware Pm6250 Firmware Pm6350 Firmware Pm640A Firmware Pm640L Firmware Pm640P Firmware Pm660 Firmware Pm660A Firmware Pm660L Firmware Pm670 Firmware Pm670A Firmware Pm670L Firmware Pm7150A Firmware Pm7150L Firmware Pm7250 Firmware Pm7250B Firmware Pm8004 Firmware Pm8005 Firmware Pm8008 Firmware Pm8009 Firmware Pm8150A Firmware Pm8150B Firmware Pm8150C Firmware Pm8150L Firmware Pm8250 Firmware Pm8350 Firmware Pm8350B Firmware Pm8350Bh Firmware Pm8350C Firmware Pm855 Firmware Pm855B Firmware Pm855L Firmware Pm855P Firmware Pm8909 Firmware Pm8916 Firmware Pm8953 Firmware Pm8998 Firmware Pmd9607 Firmware Pmd9655 Firmware Pme605 Firmware Pmi632 Firmware Pmi8952 Firmware Pmi8998 Firmware Pmk8002 Firmware Pmk8003 Firmware Pmk8350 Firmware Pmm6155Au Firmware Pmm8155Au Firmware Pmm8195Au Firmware Pmm855Au Firmware Pmm8996Au Firmware Pmr525 Firmware Pmx50 Firmware Pmx55 Firmware Qat3514 Firmware Qat3516 Firmware Qat3518 Firmware Qat3519 Firmware Qat3522 Firmware Qat3550 Firmware Qat3555 Firmware Qat5515 Firmware Qat5516 Firmware Qat5522 Firmware Qat5533 Firmware Qat5568 Firmware Qbt1500 Firmware Qbt2000 Firmware Qdm2301 Firmware Qdm2302 Firmware Qdm2305 Firmware Qdm2307 Firmware Qdm2308 Firmware Qdm2310 Firmware Qdm3301 Firmware Qdm4643 Firmware Qdm4650 Firmware Qdm5620 Firmware Qdm5621 Firmware Qdm5650 Firmware Qdm5652 Firmware Qdm5670 Firmware Qdm5671 Firmware Qdm5677 Firmware Qdm5679 Firmware Qet4100 Firmware Qet5100 Firmware Qet5100M Firmware Qet6100 Firmware Qet6110 Firmware Qfe2101 Firmware Qfe2550 Firmware Qfs2530 Firmware Qfs2580 Firmware Qfs2608 Firmware Qfs2630 Firmware Qln1020 Firmware Qln1030 Firmware Qln4640 Firmware Qln4642 Firmware Qln4650 Firmware Qln5020 Firmware Qln5030 Firmware Qln5040 Firmware Qpa2625 Firmware Qpa4340 Firmware Qpa4360 Firmware Qpa4361 Firmware Qpa5460 Firmware Qpa5461 Firmware Qpa5580 Firmware Qpa5581 Firmware Qpa6560 Firmware Qpa8673 Firmware Qpa8675 Firmware Qpa8686 Firmware Qpa8801 Firmware Qpa8802 Firmware Qpa8803 Firmware Qpa8821 Firmware Qpa8842 Firmware Qpm2630 Firmware Qpm4621 Firmware Qpm4630 Firmware Qpm4640 Firmware Qpm4641 Firmware Qpm4650 Firmware Qpm5620 Firmware Qpm5621 Firmware Qpm5641 Firmware Qpm5657 Firmware Qpm5658 Firmware Qpm5670 Firmware Qpm5677 Firmware Qpm5679 Firmware Qpm5870 Firmware Qpm5875 Firmware Qpm6582 Firmware Qpm6585 Firmware Qpm6621 Firmware Qpm6670 Firmware Qpm8820 Firmware Qpm8830 Firmware Qpm8870 Firmware Qpm8895 Firmware Qsm7250 Firmware Qsw6310 Firmware Qsw8574 Firmware Qtc410S Firmware Qtc800H Firmware Qtc800S Firmware Qtc801S Firmware Qtm525 Firmware Rgr7640Au Firmware Rsw8577 Firmware Sd665 Firmware Sd710 Firmware Sd720G Firmware Sd750G Firmware Sd765 Firmware Sd765G Firmware Sd768G Firmware Sdr051 Firmware Sdr052 Firmware Sdr425 Firmware Sdr660 Firmware Sdr660G Firmware Sdr675 Firmware Sdr735 Firmware Sdr735G Firmware Sdr8150 Firmware Sdr8250 Firmware Sdr845 Firmware Sdr865 Firmware Sdxr1 Firmware Smb1350 Firmware Smb1351 Firmware Smb1354 Firmware Smb1355 Firmware Smb1357 Firmware Smb1358 Firmware Smb1360 Firmware Smb1380 Firmware Smb1381 Firmware Smb1390 Firmware Smb1395 Firmware Smb1396 Firmware Smb1398 Firmware Smb231 Firmware Smr525 Firmware Smr526 Firmware Smr545 Firmware Smr546 Firmware Wcn3991 Firmware Wcn3998 Firmware Wcn6850 Firmware Wcn6851 Firmware Wgr7640 Firmware Wtr2955 Firmware Wtr2965 Firmware Wtr3925 Firmware Wtr4905 Firmware Wtr5975 Firmware Wtr6955 Firmware Pm7350C Firmware Pm8350Bhs Firmware Pmk7350 Firmware Qdm3302 Firmware Qdm5579 Firmware Sm7350 Firmware Smb1394 Firmware Pm215 Firmware Pm4250 Firmware Pm439 Firmware Pmi8937 Firmware Qfe4301 Firmware Qfe4302 Firmware Qfe4303 Firmware Qfe4305 Firmware Qfe4308 Firmware Qfe4309 Firmware Qfe4320 Firmware Qfe4373Fc Firmware Qualcomm215 Firmware Pmw3100 Firmware Qfe2520 Firmware Qfe3340 Firmware Qpa5373 Firmware Sd455 Firmware Sd636 Firmware Sd632 Firmware Sd6905G Firmware Sd8655G Firmware Sd8885G Firmware Sdxr25G Firmware Sd678 Firmware Sd870 Firmware Sd480 Firmware Qet6105 Firmware Information Disclosure
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 07, 2021 - 09:15 nvd
CRITICAL 9.8

DescriptionNVD

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

AnalysisAI

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-415. Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Affected products include: Qualcomm Apq8009 Firmware, Qualcomm Apq8009W Firmware, Qualcomm Apq8017 Firmware, Qualcomm Apq8053 Firmware, Qualcomm Apq8064Au Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2020-11207 HIGH POC
7.8 Nov 12

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snap

CVE-2020-11206 HIGH POC
7.8 Nov 12

Possible buffer overflow in Fastrpc while handling received parameters due to lack of validation on input parameters' in

CVE-2023-22388 CRITICAL
9.8 Nov 07

Memory Corruption in Multi-mode Call Processor while processing bit mask API. Rated critical severity (CVSS 9.8), this v

CVE-2023-22385 CRITICAL
9.8 Oct 03

Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Rated critical severity (CVSS 9.8), this vulner

CVE-2023-28562 CRITICAL
9.8 Sep 05

Memory corruption while handling payloads from remote ESL. Rated critical severity (CVSS 9.8), this vulnerability is rem

CVE-2023-21631 CRITICAL
9.8 Jul 04

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received

CVE-2022-33234 CRITICAL
9.8 Nov 15

Memory corruption in video due to configuration weakness. Rated critical severity (CVSS 9.8), this vulnerability is remo

CVE-2022-25748 CRITICAL
9.8 Oct 19

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (

CVE-2022-25687 CRITICAL
9.8 Oct 19

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdr

CVE-2022-25688 CRITICAL
9.8 Sep 16

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, S

CVE-2022-25686 CRITICAL
9.8 Sep 16

Memory corruption in video module due to buffer overflow while processing WAV file in Snapdragon Auto, Snapdragon Comput

CVE-2022-25668 CRITICAL
9.8 Sep 02

Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snap

Share

CVE-2021-1910 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy