{ "CVE_data_meta": { "ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2021-35120", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile", "version": { "version_data": [ { "version_value": "APQ8053, MSM8953, QCA6390, QCA6391, QCA6426, QCA6436, QCM2290, QCM4290, QCS2290, QCS4290, QRB5165, QRB5165M, QRB5165N, SD460, SD662, SD680, SD690 5G, SD750G, SD765, SD765G, SD768G, SD865 5G, SD870, SDX55M, SDXR2 5G, SM7250P, WCD9326, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3680B, WCN3910, WCN3950, WCN3988, WCN3991, WCN3998, WCN6850, WCN6851, WSA8810, WSA8815, WSA8830, WSA8835" } ] } } ] }, "vendor_name": "Qualcomm, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile" } ] }, "impact": { "cvss": { "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Double Free in MM Frameworks" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin", "refsource": "CONFIRM", "url": "https://www.qualcomm.com/company/product-security/bulletins/june-2022-bulletin" } ] } }