CVE-2021-35072

Published: Jun 14, 2022Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Affected (82)

Products: Qualcomm: Apq8009 Firmware, Apq8009w Firmware, Apq8017 Firmware, Apq8037 Firmware, Apq8053 Firmware, Apq8096au Firmware, Mdm9150 Firmware, Mdm9206 Firmware, Mdm9250 Firmware, Mdm9607 Firmware, Mdm9628 Firmware, Mdm9640 Firmware, Mdm9650 Firmware, Msm8108 Firmware, Msm8208 Firmware, Msm8209 Firmware, Msm8608 Firmware, Msm8909w Firmware, Msm8917 Firmware, Msm8920 Firmware, Msm8937 Firmware, Msm8940 Firmware, Msm8953 Firmware, Msm8996au Firmware, Qca6174a Firmware, Qca6310 Firmware, Qca6320 Firmware, Qca6564a Firmware, Qca6564au Firmware, Qca6574 Firmware, Qca6574a Firmware, Qca6574au Firmware, Qca6584 Firmware, Qca9367 Firmware, Qca9377 Firmware, Qca9379 Firmware, Qcm2290 Firmware, Qcm4290 Firmware, Qcs2290 Firmware, Qcs4290 Firmware, Qualcomm215 Firmware, Sd210 Firmware, Sd429 Firmware, Sd439 Firmware, Sd450 Firmware, Sd460 Firmware, Sd632 Firmware, Sd662 Firmware, Sd680 Firmware, Sd820 Firmware, Sd821 Firmware, Sd835 Firmware, Sdm429w Firmware, Sdw2500 Firmware, Sdx12 Firmware, Sm4125 Firmware, Sw5100 Firmware, Sw5100p Firmware, Wcd9326 Firmware, Wcd9330 Firmware, Wcd9335 Firmware, Wcd9340 Firmware, Wcd9341 Firmware, Wcd9370 Firmware, Wcd9375 Firmware, Wcn3610 Firmware, Wcn3615 Firmware, Wcn3620 Firmware, Wcn3660 Firmware, Wcn3660b Firmware, Wcn3680 Firmware, Wcn3680b Firmware, Wcn3910 Firmware, Wcn3950 Firmware, Wcn3980 Firmware, Wcn3988 Firmware, Wcn3990 Firmware, Wcn3998 Firmware, Wsa8810 Firmware, Wsa8815 Firmware, Wsa8830 Firmware, Wsa8835 Firmware

82 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8009 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8009	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8009w Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8009w	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8017 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8017	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8037 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8037	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8053 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8053	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Apq8096au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Apq8096au	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9150 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9150	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9206 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9206	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9250	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9607 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9607	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9628 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9628	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9640 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9640	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9650	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8108 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8108	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8208 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8208	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8209 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8209	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8608 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8608	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8909w Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8909w	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8917 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8917	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8920 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8920	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8937 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8937	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8940 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8940	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8953 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8953	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Msm8996au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Msm8996au	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6174a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6174a	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6310 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6310	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6320 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6320	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6564a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6564a	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6564au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6564au	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574a	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6574au Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6574au	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6584 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6584	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca9367 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca9367	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca9377 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca9377	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca9379 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca9379	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcm2290 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcm2290	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcm4290 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcm4290	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs2290 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs2290	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qcs4290 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qcs4290	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qualcomm215 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qualcomm215	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd210 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd210	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd429 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd429	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd439 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd439	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd450 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd450	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd460 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd460	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd632 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd632	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd662 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd662	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd680 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd680	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd820 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd820	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd821 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd821	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd835	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdm429w Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdm429w	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdw2500 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdw2500	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx12 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx12	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sm4125 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sm4125	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sw5100p Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sw5100p	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9326 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9326	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9330 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9330	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9335 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9335	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9340 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9340	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9341 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9341	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9370 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9370	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9375 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9375	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3610 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3610	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3615 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3615	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3620 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3620	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3660 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3660	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3660b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3660b	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3680 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3680	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3680b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3680b	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3910 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3910	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3950 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3950	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3980 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3980	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3988 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3988	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3990 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3990	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn3998 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn3998	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8830 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8830	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8835	All versions

Related CWEs

CWE-129

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (2)

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

Source: product-security@qualcomm.com

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.