cvelist/2021/30xxx/CVE-2021-30309.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com",
      "ID": "CVE-2021-30309",
      "STATE": "PUBLIC"
   },
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "MDM9650, QCA6174A, QCA6390, QCA6391, QCA9377, QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SD660, SD665, SD690 5G, SD730, SD765, SD765G, SD768G, SD865 5G, SD870, SDX12, SDX55M, SDXR1, SM7250P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   },
   "data_format": "MITRE",
   "data_type": "CVE",
   "data_version": "4.0",
   "description": {
      "description_data": [
         {
            "lang": "eng",
            "value": "Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"
         }
      ]
   },
   "impact": {
      "cvss": {
         "baseScore": 7.8,
         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
         "version": "3.1"
      }
   },
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng",
                  "value": "Buffer Copy Without Checking Size of Input in Modem"
               }
            ]
         }
      ]
   },
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin",
            "refsource": "CONFIRM",
            "url": "https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin"
         }
      ]
   }
}
"-Synchronized-Data." 2021-04-07 21:00:59 +00:00			`{`
Qualcomm-2-11-2022 2022-02-11 16:05:53 +05:30			`"CVE_data_meta": {`
			`"ASSIGNER": "product-security@qualcomm.com",`
			`"ID": "CVE-2021-30309",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
"-Synchronized-Data." 2021-04-07 21:00:59 +00:00			`{`
Qualcomm-2-11-2022 2022-02-11 16:05:53 +05:30			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "MDM9650, QCA6174A, QCA6390, QCA6391, QCA9377, QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SD660, SD665, SD690 5G, SD730, SD765, SD765G, SD768G, SD865 5G, SD870, SDX12, SDX55M, SDXR1, SM7250P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Qualcomm, Inc."`
"-Synchronized-Data." 2021-04-07 21:00:59 +00:00			`}`
Qualcomm-2-11-2022 2022-02-11 16:05:53 +05:30			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			`"value": "Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile"`
			`}`
			`]`
			`},`
			`"impact": {`
			`"cvss": {`
			`"baseScore": 7.8,`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",`
			`"version": "3.1"`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Buffer Copy Without Checking Size of Input in Modem"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin",`
			`"refsource": "CONFIRM",`
			`"url": "https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin"`
			`}`
			`]`
			`}`
"-Synchronized-Data." 2021-04-07 21:00:59 +00:00			`}`