Main Vulnerability Database Vulnerabilities #VU51884

#VU51884 Buffer overflow in Qualcomm products - CVE-2021-1892

Published: April 5, 2021

Vulnerability identifier: #VU51884

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-1892

CWE-ID: CWE-119

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
AQT1000
PM8005
PM855
PM855P
PM8998
PMI8998
QAT3550
QCA1062
QCA1064
QCA2066
QCA6164
QCA6174
QCA6310
QCA6335
QCA6391
QCA6420
QCA6430
QCA6595AU
QCN7606
QET4100
QFE2081FC
QFE2082FC
QFE3100
QFE3440FC
QFE4455FC
QLN1035BD
SD8C
SD8CX
SDR8150
SMB1350
SMB1351
SMB1380
SMB1381
SMB1390
SMB2351
WCD9335
WCD9340
WCD9341
WCN3990
WCN3998
WCN6850
WCN6851
WCN6855
WCN6856
WGR7640
WSA8810
WSA8815
WTR5975
QCA6174A
QCA9377
QCN7605
SD835
SD845
SD850

Software vendor:
Qualcomm

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error while processing nonstandard IO control in WLAN. A malicious application can trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Install updates from vendor's website.

External links

https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

#VU51884 Buffer overflow in Qualcomm products - CVE-2021-1892

Description

Remediation

External links

Please verify you're human