{ "CVE_data_meta": { "ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2021-35129", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking", "version": { "version_data": [ { "version_value": "AR8035, IPQ5010, IPQ5018, IPQ5028, QCA2062, QCA2064, QCA2065, QCA2066, QCA6391, QCA8081, QCA8337, QCC710, QCM6490, QCN6023, QCN6024, QCN6100, QCN6102, QCN6112, QCN6122, QCN6132, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS6490, SD 8 Gen1 5G, SD 8cx Gen3, SD888, SD888 5G, SDX65, WCD9370, WCD9375, WCD9380, WCD9385, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8830, WSA8835" } ] } } ] }, "vendor_name": "Qualcomm, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking" } ] }, "impact": { "cvss": { "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Copy Without Checking Size of Input in BT Controller" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin", "refsource": "CONFIRM", "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin" } ] } }