正文

Qualcomm 芯片 缓冲区错误漏洞

admin
admin V管理员 /0 评论 /15 阅读
0306
此篇文章发布距今已超过1217天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

Qualcomm 芯片 缓冲区错误漏洞

  • CNNVD编号:CNNVD-202109-281
    • <!--
  • 危害等级: 高危-->
  • 危害等级: 高危
  • CVE编号: CVE-2021-1948
  • 漏洞类型: 缓冲区错误
  • 发布时间: 2021-09-06
  • 威胁类型: 远程
  • 更新时间: 2021-11-29
  • 厂        商:
  • 漏洞来源:

漏洞简介

Qualcomm 芯片是美国高通(Qualcomm)公司的芯片。一种将电路(主要包括半导体设备,也包括被动组件等)小型化的方式,并时常制造在半导体晶圆表面上。

Qualcomm 芯片存在安全漏洞,该漏洞源于在解析信标或探测响应时缺少数据长度检查,可能会越界读取。以下产品及版本收到影响:APQ8053, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, IPQ4018, IPQ4019, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ5028, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8065, IPQ8068, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9650, MSM8953, MSM8996AU, PMP8074, QCA1062, QCA1064, QCA2062, QCA2064, QCA2065, QCA2066, QCA4024, QCA6310, QCA6320, QCA6335, QCA6390, QCA6391, QCA6420, QCA6426, QCA6428, QCA6430, QCA6436, QCA6438, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6696, QCA7500, QCA8072, QCA8075, QCA8081, QCA8337, QCA9531, QCA9558, QCA9561, QCA9563, QCA9880, QCA9882, QCA9886, QCA9887, QCA9888, QCA9889, QCA9896, QCA9898, QCA9980, QCA9982, QCA9984, QCA9985, QCA9990, QCA9992, QCA9994, QCM2290, QCM4290, QCM6125, QCN5021, QCN5022, QCN5024, QCN5052, QCN5054, QCN5064, QCN5121, QCN5122, QCN5124, QCN5152, QCN5154, QCN5164, QCN5500, QCN5502, QCN5550, QCN6023, QCN6024, QCN6122, QCN9000, QCN9012, QCN9022, QCN9024, QCN9070, QCN9072, QCN9074, QCN9100, QCS2290, QCS405, QCS4290, QCS610, QCS6125, QCX315, QRB5165, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SC8280XP, SD 636, SD 675, SD 8C, SD 8CX, SD460, SD480, SD660, SD662, SD665, SD670, SD675, SD678, SD690 5G, SD710, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD835, SD845, SD855, SD865 5G, SD870, SD888, SD888 5G, SDM630, SDX50M, SDX55, SDX55M, SDXR1, SDXR2 5G, SM4125, SM6250, SM6250P, SM7250, SM7325, WCD9326, WCD9335, WCD9340, WCD9341, WCD9370, WCD9371, WCD9375, WCD9380, WCD9385, WCN3615, WCN3680B, WCN3910, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN3999, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://source.codeaurora.org/quic/qsdk/platform/vendor/qcom-opensource/wlan/qca-wifi-host-cmn/commit/?id=26811bdd06af486d49ce37c4cd9c2ba72c85fa2c。

参考网址

来源:CONFIRM

链接:https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Google-Android-Pixel-multiple-vulnerabilities-of-September-2021-36342

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021090616

来源:source.android.com

链接:https://source.android.com/security/bulletin/2021-09-01

来源:www.qualcomm.com

链接:https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2021-1948

来源:device.harmonyos.com

链接:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202110-0000001162680040

受影响实体

    暂无


补丁

  • Qualcomm 芯片 缓冲区错误漏洞的修复措施
    <!--
    2021-9-6
    -->