CVE-2021-30315: Use After Free
First published: Wed Oct 20 2021(Updated: )
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Qualcomm Mdm9628 | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Qca6564au Firmware | ||
| Google Android | ||
| Qualcomm Qca6574 Firmware | ||
| Qualcomm Qca6574 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Qca6574au | ||
| Qualcomm Qca6595 Firmware | ||
| Qualcomm Qca6595 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Qca6696 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sa6155p | ||
| Google Android | ||
| Qualcomm Sa8150p | ||
| Qualcomm Sa8155 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sa8195p Firmware | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-30315?
CVE-2021-30315 is rated as high severity due to improper handling of sensor HAL structure, which can lead to use after free vulnerabilities.
How do I fix CVE-2021-30315?
To resolve CVE-2021-30315, apply the latest firmware update provided by Qualcomm for the affected Snapdragon Auto platforms.
Which devices are affected by CVE-2021-30315?
CVE-2021-30315 affects various Qualcomm chipsets including Mdm9628, Qca6564au, Qca6595, and others listed in the official advisory.
What is the impact of CVE-2021-30315?
CVE-2021-30315 could allow attackers to exploit the vulnerability for remote code execution or denial of service in Snapdragon Auto systems.
Is there a workaround for CVE-2021-30315?
Currently, the recommended solution for CVE-2021-30315 is to apply firmware updates, as no specific workarounds have been provided.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/qualcomm
- canonical/google android
- canonical/qualcomm mdm9628
- canonical/qualcomm qca6564au firmware
- canonical/qualcomm qca6574 firmware
- canonical/qualcomm qca6574
- canonical/qualcomm qca6574au
- canonical/qualcomm qca6595 firmware
- canonical/qualcomm qca6595
- canonical/qualcomm qca6696
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8150p
- canonical/qualcomm sa8155 firmware
- canonical/qualcomm sa8195p firmware