Skip to main content

Qca2062 Firmware CVE-2021-30304

CRITICAL
Out-of-bounds Read (CWE-125)
2021-10-20 product-security@qualcomm.com
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 20, 2021 - 07:15 nvd
CRITICAL 9.1

DescriptionNVD

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

AnalysisAI

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity Affected products include: Qualcomm Qca2062 Firmware, Qualcomm Qca2064 Firmware, Qualcomm Qca2065 Firmware, Qualcomm Qca2066 Firmware, Qualcomm Sc8280Xp Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

CVE-2023-33028 CRITICAL
9.8 Oct 03

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Rated critical severity (CVSS 9.8), this vuln

CVE-2022-25748 CRITICAL
9.8 Oct 19

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. Rated critical severity (

CVE-2024-38408 CRITICAL
9.1 Nov 04

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critic

CVE-2021-1980 CRITICAL
9.1 Oct 20

Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Co

CVE-2025-21441 HIGH
7.8 Apr 07

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV

CVE-2025-21440 HIGH
7.8 Apr 07

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CV

CVE-2024-43053 HIGH
7.8 Dec 02

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information. Rated high seve

CVE-2024-43050 HIGH
7.8 Dec 02

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated hig

CVE-2023-33088 HIGH
7.8 Dec 05

Memory corruption when processing cmd parameters while parsing vdev. Rated high severity (CVSS 7.8), this vulnerability

CVE-2023-28587 HIGH
7.8 Dec 05

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. Rated

CVE-2023-28550 HIGH
7.8 Dec 05

Memory corruption in MPP performance while accessing DSM watermark using external memory address. Rated high severity (C

CVE-2023-28573 HIGH
7.8 Sep 05

Memory corruption in WLAN HAL while parsing WMI command parameters. Rated high severity (CVSS 7.8), this vulnerability i

Share

CVE-2021-30304 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy