cvelist/2021/35xxx/CVE-2021-35118.json

{
   "CVE_data_meta": {
      "ASSIGNER": "product-security@qualcomm.com", 
      "ID": "CVE-2021-35118", 
      "STATE": "PUBLIC"
   }, 
   "affects": {
      "vendor": {
         "vendor_data": [
            {
               "product": {
                  "product_data": [
                     {
                        "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables", 
                        "version": {
                           "version_data": [
                              {
                                 "version_value": "APQ8053, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, MDM9150, MSM8953, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCA6574, QCA6574A, QCA6574AU, QCA6595AU, QCA8337, QCM2290, QCM4290, QCM6125, QCM6490, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QCS6490, QRB5165, QRB5165M, QRB5165N, Qualcomm215, SA515M, SA6155, SA6155P, SA8155, SA8155P, SD 8 Gen1 5G, SD429, SD460, SD480, SD662, SD680, SD690 5G, SD750G, SD765, SD765G, SD768G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDM429W, SDX55, SDX55M, SDX65, SDXR2 5G, SM4125, SM7250P, SM7450, SM8475, SM8475P, WCD9326, WCD9335, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3620, WCN3660B, WCN3680, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WCN7850, WCN7851, WSA8810, WSA8815, WSA8830, WSA8832, WSA8835"
                              }
                           ]
                        }
                     }
                  ]
               }, 
               "vendor_name": "Qualcomm, Inc."
            }
         ]
      }
   }, 
   "data_format": "MITRE", 
   "data_type": "CVE", 
   "data_version": "4.0", 
   "description": {
      "description_data": [
         {
            "lang": "eng", 
            "value": "An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables"
         }
      ]
   }, 
   "impact": {
      "cvss": {
         "baseScore": 6.7, 
         "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", 
         "version": "3.1"
      }
   }, 
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng", 
                  "value": "Use of Out-of-range Pointer Offset in Camera"
               }
            ]
         }
      ]
   }, 
   "references": {
      "reference_data": [
         {
            "name": "https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin", 
            "refsource": "CONFIRM", 
            "url": "https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin"
         }
      ]
   }
}