Buffer over-read in Qualcomm products - CVE-2021-30304
Published: February 6, 2023
Vulnerability identifier: #VU71923
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-30304
CWE-ID: CWE-126
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Qualcomm
Affected software:
QCA2062
QCA2064
QCA2065
QCA2066
SC8280XP
WCD9380
WCD9385
WCN6850
WCN6851
WCN6855
WCN6856
WSA8830
WSA8835
QCA2062
QCA2064
QCA2065
QCA2066
SC8280XP
WCD9380
WCD9385
WCN6850
WCN6851
WCN6855
WCN6856
WSA8830
WSA8835
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in WLAN. A remote attacker can perform a denial of service (DoS) attack.
How to mitigate CVE-2021-30304
Install security update from vendor's website.