| |
Vulnerability CVE-2021-35129
Published: 2022-06-14
| Description: |
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking |
Type:
CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.2/10 |
10/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
Complete |
Complete |
References: |
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
