CVE-2021-35074 - Qualcomm Wcd9375 Firmware, Qualcomm Wcd9385 Firmware and Qualcomm Wsa8810 Firmware

February 11, 2022

Critical 7.8

Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Affected software

Qualcomm Wcd9375 Firmware

Qualcomm Wcd9385 Firmware

Qualcomm Wsa8810 Firmware

Qualcomm Ar8035 Firmware

Qualcomm Wcd9335 Firmware

Qualcomm Sa6150p Firmware

Qualcomm Sa8195p Firmware

Qualcomm Wcd9370 Firmware

Qualcomm Wsa8830 Firmware

Qualcomm Qca9377 Firmware

Qualcomm Qca6391 Firmware

Qualcomm Sdx12 Firmware

Qualcomm Qca8337 Firmware

Qualcomm Wcn3991 Firmware

Qualcomm Qca6696 Firmware

Qualcomm Sa8155p Firmware

Qualcomm Wcn6851 Firmware

Qualcomm Qca8081 Firmware

Qualcomm Sd 8 Gen1 5g Firmware

Qualcomm Wsa8815 Firmware

Qualcomm Sdx65 Firmware

Qualcomm Wcn3988 Firmware

Qualcomm Wcn6850 Firmware

Qualcomm Qcm6490 Firmware

Qualcomm Wcn6750 Firmware

Qualcomm Sm6375 Firmware

Qualcomm Wcn6855 Firmware

Qualcomm Wcn3998 Firmware

Qualcomm Qca6574au Firmware

Qualcomm Qcs6490 Firmware

Qualcomm Sd888 5g Firmware

Qualcomm Wcd9380 Firmware

Qualcomm Sa8145p Firmware

Qualcomm Sd480 Firmware

Qualcomm Qca6174a Firmware

Qualcomm Qca6595au Firmware

Qualcomm Sa8150p Firmware

Qualcomm Wsa8835 Firmware

Qualcomm Wcn6856 Firmware

Qualcomm Sa6155p Firmware

Qualcomm Sa6145p Firmware

Reference links

https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin

CVE-2021-35074 - Qualcomm Wcd9375 Firmware, Qualcomm Wcd9385 Firmware and Qualcomm Wsa8810 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software