CVE-2021-35074

Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS v3 8.4 HIGH
CVSS v2.0 7.2 HIGH

8.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin	Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8475:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sd888_5g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd888_5g:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sdx12_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx12:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:sdx65_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx65:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:sm6375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6375:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:qualcomm:wcn3998_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:qualcomm:wcn6750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:qualcomm:wcn6850_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:qualcomm:wcn6851_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:qualcomm:wcn6855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6855:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:qualcomm:wcn6856_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:11

Type	Values Removed	Values Added
References	~~() https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin - Patch, Vendor Advisory~~	() https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin - Patch, Vendor Advisory
CVSS	v2 : ~~7.2~~ v3 : ~~7.8~~	v2 : 7.2 v3 : 8.4

19 Apr 2023, 17:10

Type	Values Removed	Values Added
CPE	cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:::::::*	cpe:2.3:h:qualcomm:sm8475:-:::::::*

18 Feb 2022, 19:54

Type	Values Removed	Values Added
CPE		cpe:2.3:h:qualcomm:sa8155p:-:::::::* cpe:2.3:o:qualcomm:wcn6851_firmware:-:::::::* cpe:2.3:h:qualcomm:qca6174a:-:::::::* cpe:2.3:h:qualcomm:qca8081:-:::::::* cpe:2.3:h:qualcomm:sa8195p:-:::::::* cpe:2.3:h:qualcomm:wcn3991:-:::::::* cpe:2.3:o:qualcomm:wcn6855_firmware:-:::::::* cpe:2.3:o:qualcomm:qcm6490_firmware:-:::::::* cpe:2.3:o:qualcomm:qca8081_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6155p_firmware:-:::::::* cpe:2.3:h:qualcomm:sm6375:-:::::::* cpe:2.3:o:qualcomm:wsa8810_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn3988:-:::::::* cpe:2.3:o:qualcomm:sm6375_firmware:-:::::::* cpe:2.3:h:qualcomm:sd480:-:::::::* cpe:2.3:h:qualcomm:wcn6855:-:::::::* cpe:2.3:o:qualcomm:wcn6750_firmware:-:::::::* cpe:2.3:o:qualcomm:sd888_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn6850:-:::::::* cpe:2.3:o:qualcomm:wsa8815_firmware:-:::::::* cpe:2.3:o:qualcomm:qca9377_firmware:-:::::::* cpe:2.3:h:qualcomm:sd888_5g:-:::::::* cpe:2.3:o:qualcomm:wcn6850_firmware:-:::::::* cpe:2.3:h:qualcomm:qca8337:-:::::::* cpe:2.3:h:qualcomm:wcn3998:-:::::::* cpe:2.3:o:qualcomm:sa6145p_firmware:-:::::::* cpe:2.3:o:qualcomm:sdx65_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn6856:-:::::::* cpe:2.3:h:qualcomm:sdx12:-:::::::* cpe:2.3:h:qualcomm:wsa8815:-:::::::* cpe:2.3:o:qualcomm:wcn3988_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8830:-:::::::* cpe:2.3:h:qualcomm:sa8145p:-:::::::* cpe:2.3:o:qualcomm:qca6595au_firmware:-:::::::* cpe:2.3:h:qualcomm:wcn6851:-:::::::* cpe:2.3:h:qualcomm:qca6595au:-:::::::* cpe:2.3:h:qualcomm:qca6574au:-:::::::* cpe:2.3:o:qualcomm:wcn6856_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6174a_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6391_firmware:-:::::::* cpe:2.3:h:qualcomm:qca9377:-:::::::* cpe:2.3:o:qualcomm:wsa8835_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9380:-:::::::* cpe:2.3:h:qualcomm:ar8035:-:::::::* cpe:2.3:h:qualcomm:wcd9370:-:::::::* cpe:2.3:o:qualcomm:qcs6490_firmware:-:::::::* cpe:2.3:o:qualcomm:ar8035_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9385_firmware:-:::::::* cpe:2.3:o:qualcomm:sa6150p_firmware:-:::::::* cpe:2.3:o:qualcomm:wsa8830_firmware:-:::::::* cpe:2.3:o:qualcomm:sd480_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8835:-:::::::* cpe:2.3:o:qualcomm:wcd9380_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9375_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8150p_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8145p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca6696_firmware:-:::::::* cpe:2.3:h:qualcomm:sa6150p:-:::::::* cpe:2.3:o:qualcomm:sa8155p_firmware:-:::::::* cpe:2.3:o:qualcomm:qca8337_firmware:-:::::::* cpe:2.3:h:qualcomm:sa6145p:-:::::::* cpe:2.3:h:qualcomm:wcn6750:-:::::::* cpe:2.3:o:qualcomm:wcd9370_firmware:-:::::::* cpe:2.3:o:qualcomm:sa8195p_firmware:-:::::::* cpe:2.3:o:qualcomm:wcn3998_firmware:-:::::::* cpe:2.3:h:qualcomm:wsa8810:-:::::::* cpe:2.3:o:qualcomm:sdx12_firmware:-:::::::* cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:::::::* cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:::::::* cpe:2.3:h:qualcomm:sdx65:-:::::::* cpe:2.3:o:qualcomm:wcn3991_firmware:-:::::::* cpe:2.3:h:qualcomm:qcs6490:-:::::::* cpe:2.3:h:qualcomm:qcm6490:-:::::::* cpe:2.3:h:qualcomm:qca6391:-:::::::* cpe:2.3:h:qualcomm:wcd9375:-:::::::* cpe:2.3:h:qualcomm:qca6696:-:::::::* cpe:2.3:h:qualcomm:sa6155p:-:::::::* cpe:2.3:h:qualcomm:wcd9385:-:::::::* cpe:2.3:h:qualcomm:sa8150p:-:::::::* cpe:2.3:o:qualcomm:qca6574au_firmware:-:::::::* cpe:2.3:o:qualcomm:wcd9335_firmware:-:::::::* cpe:2.3:h:qualcomm:wcd9335:-:::::::*
CWE		CWE-190
References	~~(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin -~~	(CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin - Patch, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 7.2 v3 : 7.8

11 Feb 2022, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-02-11 11:15

Updated : 2024-11-21 06:11

NVD link : CVE-2021-35074

Mitre link : CVE-2021-35074

CVE.ORG link : CVE-2021-35074

JSON object : View

Products Affected

qualcomm

qca8337_firmware
wcn3991
qca6696
qcm6490_firmware
wcd9385
wsa8835
sa8145p_firmware
sa6150p
qca8081
wcn3991_firmware
sm6375_firmware
wcd9380_firmware
sa6145p_firmware
sa8150p_firmware
wcn6855
wcd9375_firmware
sa8150p
wcn3998_firmware
sa6155p
sa8195p_firmware
wcn6750_firmware
sd888_5g_firmware
qca8337
wsa8830_firmware
wsa8815
wcn3988_firmware
qca6595au_firmware
ar8035
qcm6490
qcs6490
sa8155p_firmware
sm8475
qca6391_firmware
qca6574au_firmware
wsa8835_firmware
sd480
sa8145p
wcn3988
sd888_5g
ar8035_firmware
wcd9380
wcn6750
qca6595au
sa6145p
wcd9370_firmware
sa6150p_firmware
qca6696_firmware
wcd9375
sd_8_gen1_5g_firmware
wcd9385_firmware
qca6574au
wsa8810_firmware
sa8155p
sdx65
qca6391
qca9377
sm6375
sa8195p
wcn6851
wcn6851_firmware
wcn6855_firmware
sd480_firmware
qca8081_firmware
sdx65_firmware
wsa8810
qca9377_firmware
wsa8815_firmware
qca6174a
sdx12_firmware
wcd9370
wcd9335_firmware
wsa8830
sa6155p_firmware
qcs6490_firmware
wcn6850
qca6174a_firmware
wcd9335
wcn3998
wcn6856_firmware
wcn6856
wcn6850_firmware
sdx12

CWE

CWE-190

Integer Overflow or Wraparound

8.4 /10