{ "CVE_data_meta": { "ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2021-30336", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables", "version": { "version_data": [ { "version_value": "QCA6390, QCA6391, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA6696, QCM2290, QCM4290, QCM6490, QCS2290, QCS4290, QCS6490, Qualcomm215, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SD 675, SD460, SD480, SD662, SD665, SD675, SD678, SD690 5G, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD865 5G, SD870, SD888, SD888 5G, SDA429W, SDX55M, SDXR1, SM6225, SM6250, SM6375, SM7250P, SM7315, SM7325P, SM8450, SM8450P, WCD9370, WCD9375, WCD9380, WCD9385, WCN3610, WCN3660B, WCN3910, WCN3950, WCN3988, WCN3991, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835" } ] } } ] }, "vendor_name": "Qualcomm, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables" } ] }, "impact": { "cvss": { "baseScore": 8.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Over-read in DSP Services" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin", "refsource": "CONFIRM", "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin" } ] } }