Detection of Error Condition Without Action in Qualcomm products - CVE-2021-30283
Published: December 7, 2021
Vulnerability identifier: #VU58578
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-30283
CWE-ID:
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Qualcomm
Affected software:
QCA6391
QCM6490
QCS6490
QRB5165
QRB5165N
SD778G
SD888 5G
SM7325P
WCD9370
WCD9375
WCD9380
WCD9385
WCN6750
WCN6850
WCN6851
WCN6855
WCN6856
WSA8830
WSA8835
QCA6391
QCM6490
QCS6490
QRB5165
QRB5165N
SD778G
SD888 5G
SM7325P
WCD9370
WCD9375
WCD9380
WCD9385
WCN6750
WCN6850
WCN6851
WCN6855
WCN6856
WSA8830
WSA8835
Detailed vulnerability description
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of debug register trap from user applications. A local attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
How to mitigate CVE-2021-30283
Install updates from vendor's website.