#VU54546 Out-of-bounds read in Qualcomm products - CVE-2021-1899

Vulnerability identifier: #VU54546

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-1899

CWE-ID: CWE-125

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
APQ8009W
AQT1000
QCA4020
QCA6420
QCA6430
Qualcomm215
SD678
SD720G
SDA429W
SDX50M
SDX55M
SM6250
WCD9326
WCD9341
WCD9370
WCD9375
WCD9380
WCN3610
WCN3615
WCN3620
WCN3660B
WCN3680
WCN3680B
WCN3950
WCN3980
WCN3988
WCN3991
WCN3998
WSA8810
WSA8815
MSM8909W
QCA6174A
QCA9379
SD675
SD205
SD210
SD730
SD855
SDM429W
SDX55

Software vendor:
Qualcomm

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition caused by lack of length check while flashing meta images in the Boot subsystem. An attacker with physical access to device can perform a denial of service attack.

Install updates from vendor's website.

• https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin
• https://source.codeaurora.org/quic/le/kernel/lk/commit/?id=f713c280f3175b51b8c56d912f4f130cf9ed6b1b