CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
12.6%
Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24.
Vendor | Product | Version | CPE |
---|---|---|---|
qualcomm | snapdragon_auto_firmware | - | cpe:2.3:o:qualcomm:snapdragon_auto_firmware:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_auto | - | cpe:2.3:h:qualcomm:snapdragon_auto:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_connectivity_firmware | - | cpe:2.3:o:qualcomm:snapdragon_connectivity_firmware:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_connectivity | - | cpe:2.3:h:qualcomm:snapdragon_connectivity:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_consumer_internet_of_things_firmware | - | cpe:2.3:o:qualcomm:snapdragon_consumer_internet_of_things_firmware:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_consumer_internet_of_things | - | cpe:2.3:h:qualcomm:snapdragon_consumer_internet_of_things:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_industrial_internet_of_things_firmware | - | cpe:2.3:o:qualcomm:snapdragon_industrial_internet_of_things_firmware:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_industrial_internet_of_things | - | cpe:2.3:h:qualcomm:snapdragon_industrial_internet_of_things:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_mobile_firmware | - | cpe:2.3:o:qualcomm:snapdragon_mobile_firmware:-:*:*:*:*:*:*:* |
qualcomm | snapdragon_mobile | - | cpe:2.3:h:qualcomm:snapdragon_mobile:-:*:*:*:*:*:*:* |
[
{
"product": "Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24"
}
]
}
]
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
12.6%