| |
Vulnerability CVE-2021-35078
Published: 2022-06-14
| Description: |
Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
Type:
CWE-401 (Improper Release of Memory Before Removing Last Reference ('Memory Leak'))
CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.8/10 |
6.9/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
None |
Complete |
References: |
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
