CVE-2021-30263

Published: Nov 12, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Affected (27)

Products: Qualcomm: Aqt1000 Firmware, Ar8031 Firmware, Ar8035 Firmware, Csra6620 Firmware, Csra6640 Firmware, Qca6391 Firmware, Qca6420 Firmware, Qca6430 Firmware, Qca8337 Firmware, Qcm6125 Firmware, Qcs405 Firmware, Qcs6125 Firmware, Sd 8c Firmware, Sd 8cx Firmware, Sd855 Firmware, Sdx55 Firmware, Sdx55m Firmware, Wcd9335 Firmware, Wcd9340 Firmware, Wcd9341 Firmware, Wcd9370 Firmware, Wcn3950 Firmware, Wcn3980 Firmware, Wcn3998 Firmware, Wcn3999 Firmware, Wsa8810 Firmware, Wsa8815 Firmware

27 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Aqt1000 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Aqt1000	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8031 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8031	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Ar8035 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Ar8035	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Csra6620 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Csra6620	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Csra6640 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Csra6640	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6391 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6391	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6420 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6420	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6430 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6430	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca8337 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca8337	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcm6125 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcm6125	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs405 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs405	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs6125 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs6125	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 8c Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 8c	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 8cx Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 8cx	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd855 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd855	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55m Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55m	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9335 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9335	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9370 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9370	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3950 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3950	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3980 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3980	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3998 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3998	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3999 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3999	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin

Source: product-security@qualcomm.com

PatchVendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.