CVE-2021-35095

Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
qualcommar8035_firmware
-
qualcommqca8081_firmware
-
qualcommqca8337_firmware
-
qualcommsd_8_gen1_5g_firmware
-
qualcommsdx65_firmware
-
qualcommwcd9380_firmware
-
qualcommwcn6855_firmware
-
qualcommwcn6856_firmware
-
qualcommwsa8830_firmware
-
qualcommwsa8835_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin