Vulnerability-Lookup

GHSA-JX2V-XP6G-FWVJ

Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07

Details

Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-1907"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-13T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
  "id": "GHSA-jx2v-xp6g-fwvj",
  "modified": "2022-05-24T19:07:46Z",
  "published": "2022-05-24T19:07:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1907"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-1907 (GCVE-0-2021-1907)

Vulnerability from cvelistv5 – Published: 2021-07-13 05:30 – Updated: 2024-08-03 16:25

Summary

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Reachable Assertion in WLAN

Assigner

qualcomm

References

URL

Tags

https://www.qualcomm.com/company/product-security…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile	Affected: APQ8053 Affected: CSRB31024 Affected: MSM8953 Affected: QCA6175A Affected: QCA6390 Affected: QCA6391 Affected: QCA6426 Affected: QCA6436 Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6584AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCM4290 Affected: QCM6125 Affected: QCS4290 Affected: QCS6125 Affected: SA415M Affected: SA515M Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SD 636 Affected: SD480 Affected: SD660 Affected: SD665 Affected: SD670 Affected: SD710 Affected: SD765 Affected: SD765G Affected: SD768G Affected: SD778G Affected: SD780G Affected: SD835 Affected: SD845 Affected: SD855 Affected: SD865 5G Affected: SD870 Affected: SD888 Affected: SD888 5G Affected: SDM630 Affected: SDX55 Affected: SDX55M Affected: SDXR2 5G Affected: SM7250P Affected: SM7325P Affected: WCD9326 Affected: WCD9335 Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3615 Affected: WCN3680B Affected: WCN3910 Affected: WCN3950 Affected: WCN3980 Affected: WCN3988 Affected: WCN3990 Affected: WCN3991 Affected: WCN3998 Affected: WCN6740 Affected: WCN6750 Affected: WCN6850 Affected: WCN6851 Affected: WCN6855 Affected: WCN6856 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8835

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:25:06.185Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "APQ8053"
            },
            {
              "status": "affected",
              "version": "CSRB31024"
            },
            {
              "status": "affected",
              "version": "MSM8953"
            },
            {
              "status": "affected",
              "version": "QCA6175A"
            },
            {
              "status": "affected",
              "version": "QCA6390"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6426"
            },
            {
              "status": "affected",
              "version": "QCA6436"
            },
            {
              "status": "affected",
              "version": "QCA6564A"
            },
            {
              "status": "affected",
              "version": "QCA6564AU"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCM4290"
            },
            {
              "status": "affected",
              "version": "QCM6125"
            },
            {
              "status": "affected",
              "version": "QCS4290"
            },
            {
              "status": "affected",
              "version": "QCS6125"
            },
            {
              "status": "affected",
              "version": "SA415M"
            },
            {
              "status": "affected",
              "version": "SA515M"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SD 636"
            },
            {
              "status": "affected",
              "version": "SD480"
            },
            {
              "status": "affected",
              "version": "SD660"
            },
            {
              "status": "affected",
              "version": "SD665"
            },
            {
              "status": "affected",
              "version": "SD670"
            },
            {
              "status": "affected",
              "version": "SD710"
            },
            {
              "status": "affected",
              "version": "SD765"
            },
            {
              "status": "affected",
              "version": "SD765G"
            },
            {
              "status": "affected",
              "version": "SD768G"
            },
            {
              "status": "affected",
              "version": "SD778G"
            },
            {
              "status": "affected",
              "version": "SD780G"
            },
            {
              "status": "affected",
              "version": "SD835"
            },
            {
              "status": "affected",
              "version": "SD845"
            },
            {
              "status": "affected",
              "version": "SD855"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SD870"
            },
            {
              "status": "affected",
              "version": "SD888"
            },
            {
              "status": "affected",
              "version": "SD888 5G"
            },
            {
              "status": "affected",
              "version": "SDM630"
            },
            {
              "status": "affected",
              "version": "SDX55"
            },
            {
              "status": "affected",
              "version": "SDX55M"
            },
            {
              "status": "affected",
              "version": "SDXR2 5G"
            },
            {
              "status": "affected",
              "version": "SM7250P"
            },
            {
              "status": "affected",
              "version": "SM7325P"
            },
            {
              "status": "affected",
              "version": "WCD9326"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9341"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCN3615"
            },
            {
              "status": "affected",
              "version": "WCN3680B"
            },
            {
              "status": "affected",
              "version": "WCN3910"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN3990"
            },
            {
              "status": "affected",
              "version": "WCN3991"
            },
            {
              "status": "affected",
              "version": "WCN3998"
            },
            {
              "status": "affected",
              "version": "WCN6740"
            },
            {
              "status": "affected",
              "version": "WCN6750"
            },
            {
              "status": "affected",
              "version": "WCN6850"
            },
            {
              "status": "affected",
              "version": "WCN6851"
            },
            {
              "status": "affected",
              "version": "WCN6855"
            },
            {
              "status": "affected",
              "version": "WCN6856"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Reachable Assertion in WLAN",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-13T05:30:51",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2021-1907",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "APQ8053"
                          },
                          {
                            "version_value": "CSRB31024"
                          },
                          {
                            "version_value": "MSM8953"
                          },
                          {
                            "version_value": "QCA6175A"
                          },
                          {
                            "version_value": "QCA6390"
                          },
                          {
                            "version_value": "QCA6391"
                          },
                          {
                            "version_value": "QCA6426"
                          },
                          {
                            "version_value": "QCA6436"
                          },
                          {
                            "version_value": "QCA6564A"
                          },
                          {
                            "version_value": "QCA6564AU"
                          },
                          {
                            "version_value": "QCA6574"
                          },
                          {
                            "version_value": "QCA6574A"
                          },
                          {
                            "version_value": "QCA6574AU"
                          },
                          {
                            "version_value": "QCA6584AU"
                          },
                          {
                            "version_value": "QCA6595"
                          },
                          {
                            "version_value": "QCA6595AU"
                          },
                          {
                            "version_value": "QCA6696"
                          },
                          {
                            "version_value": "QCM4290"
                          },
                          {
                            "version_value": "QCM6125"
                          },
                          {
                            "version_value": "QCS4290"
                          },
                          {
                            "version_value": "QCS6125"
                          },
                          {
                            "version_value": "SA415M"
                          },
                          {
                            "version_value": "SA515M"
                          },
                          {
                            "version_value": "SA6145P"
                          },
                          {
                            "version_value": "SA6150P"
                          },
                          {
                            "version_value": "SA6155"
                          },
                          {
                            "version_value": "SA6155P"
                          },
                          {
                            "version_value": "SA8145P"
                          },
                          {
                            "version_value": "SA8150P"
                          },
                          {
                            "version_value": "SA8155"
                          },
                          {
                            "version_value": "SA8155P"
                          },
                          {
                            "version_value": "SA8195P"
                          },
                          {
                            "version_value": "SD 636"
                          },
                          {
                            "version_value": "SD480"
                          },
                          {
                            "version_value": "SD660"
                          },
                          {
                            "version_value": "SD665"
                          },
                          {
                            "version_value": "SD670"
                          },
                          {
                            "version_value": "SD710"
                          },
                          {
                            "version_value": "SD765"
                          },
                          {
                            "version_value": "SD765G"
                          },
                          {
                            "version_value": "SD768G"
                          },
                          {
                            "version_value": "SD778G"
                          },
                          {
                            "version_value": "SD780G"
                          },
                          {
                            "version_value": "SD835"
                          },
                          {
                            "version_value": "SD845"
                          },
                          {
                            "version_value": "SD855"
                          },
                          {
                            "version_value": "SD865 5G"
                          },
                          {
                            "version_value": "SD870"
                          },
                          {
                            "version_value": "SD888"
                          },
                          {
                            "version_value": "SD888 5G"
                          },
                          {
                            "version_value": "SDM630"
                          },
                          {
                            "version_value": "SDX55"
                          },
                          {
                            "version_value": "SDX55M"
                          },
                          {
                            "version_value": "SDXR2 5G"
                          },
                          {
                            "version_value": "SM7250P"
                          },
                          {
                            "version_value": "SM7325P"
                          },
                          {
                            "version_value": "WCD9326"
                          },
                          {
                            "version_value": "WCD9335"
                          },
                          {
                            "version_value": "WCD9340"
                          },
                          {
                            "version_value": "WCD9341"
                          },
                          {
                            "version_value": "WCD9370"
                          },
                          {
                            "version_value": "WCD9375"
                          },
                          {
                            "version_value": "WCD9380"
                          },
                          {
                            "version_value": "WCD9385"
                          },
                          {
                            "version_value": "WCN3615"
                          },
                          {
                            "version_value": "WCN3680B"
                          },
                          {
                            "version_value": "WCN3910"
                          },
                          {
                            "version_value": "WCN3950"
                          },
                          {
                            "version_value": "WCN3980"
                          },
                          {
                            "version_value": "WCN3988"
                          },
                          {
                            "version_value": "WCN3990"
                          },
                          {
                            "version_value": "WCN3991"
                          },
                          {
                            "version_value": "WCN3998"
                          },
                          {
                            "version_value": "WCN6740"
                          },
                          {
                            "version_value": "WCN6750"
                          },
                          {
                            "version_value": "WCN6850"
                          },
                          {
                            "version_value": "WCN6851"
                          },
                          {
                            "version_value": "WCN6855"
                          },
                          {
                            "version_value": "WCN6856"
                          },
                          {
                            "version_value": "WSA8810"
                          },
                          {
                            "version_value": "WSA8815"
                          },
                          {
                            "version_value": "WSA8830"
                          },
                          {
                            "version_value": "WSA8835"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Possible buffer overflow due to lack of length check in BA request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Reachable Assertion in WLAN"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2021-1907",
    "datePublished": "2021-07-13T05:30:51",
    "dateReserved": "2020-12-08T00:00:00",
    "dateUpdated": "2024-08-03T16:25:06.185Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-JX2V-XP6G-FWVJ

CVE-2021-1907 (GCVE-0-2021-1907)

Tags

Sightings

Nomenclature