CVE-2021-1906
Published 2021-05-07
CVE-2021-1906: Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
Priority P277 · medium · CVSS 3.1: 5.5
CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
KEV: CISA Known Exploited Vulnerability, due 2021-11-17
ITW: Exploited in the wild
EPSS: 0.52% (40.2th percentile)
Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — |
Detection & IOCs
- CVE-2021-1906 affects the Display component in Android; patch reference is A-178810049 / QC-CR#2835082, which can be used to identify unpatched devices in asset management or vulnerability scanning.
- The vulnerability is classified as 'Detection of Error Condition Without Action' in Qualcomm Multiple Chipsets — improper handling of GPU address deregistration on failure leading to new GPU address allocation failure. Detection should focus on Qualcomm chipset firmware versions predating the May 2021 Android Security Bulletin patch.
- The vulnerability spans a wide range of Qualcomm product lines (Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables), meaning detection and patching scope is broad across device categories.
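CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
| vulncheck | — | 6.2 | MEDIUM | — |
| cisa | — | 5.5 | MEDIUM | — |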
GHSA
GHSA-xjgh-8jrf-3xgw: Improper handling of address deregistration on failure can lead to new GPU address allocation failure
ghsa_unreviewed·2022-05-24
CVE-2021-1906 [MEDIUM] CWE-755 GHSA-xjgh-8jrf-3xgw: Improper handling of address deregistration on failure can lead to new GPU address allocation failure
Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Project0
The More You Know, The More You Know You Don’t Know - Project Zero
project_zero·2022-04-01
CVE-2016-4654 The More You Know, The More You Know You Don’t Know - Project Zero
A Year in Review of 0-days Used In-the-Wild in 2021
Posted by Maddie Stone, Google Project Zero
This is our third annual year in review of 0-days exploited in-the-wild [2020, 2019]. Each year we’ve looked back at all of the detected and disclosed in-the-wild 0-days as a group and synthesized what we think the trends and takeaways are. The goal of this report is not to detail each individual exploit, but instead to analyze the exploits from the year as a group, looking for trends, gaps, lessons learned, successes, etc. If you’re interested in the analysis of individual exploits, please check out our root cause analysis repository.
We perform and share this analysis in order to make 0-day hard. We want it to be more costly, more resource intensive, and overall more difficult for
VulnCheck
Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability
vulncheck·2021·CVSS 6.2
CVE-2021-1906 [MEDIUM] CWE-390 Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability
Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.
Affected: Qualcomm Multiple Chipsets
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors.pdf
Remediation Due: 2021-11-17
Project0
Project Zero RCA: CVE-2021-1905: Qualcomm Adreno GPU memory mapping use-after-free
project_zero·CVSS 8.4
CVE-2021-1905 [HIGH] Project Zero RCA: CVE-2021-1905: Qualcomm Adreno GPU memory mapping use-after-free
# CVE-2021-1905: Qualcomm Adreno GPU memory mapping use-after-free
*Ben Hawkes, Project Zero*
## The Basics
**Disclosure or Patch Date:** 1 May 2021
**Product:** Qualcomm Adreno GPU
**Advisory:** https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin
**Affected Versions:** Prior to Android 2021-05-01 security patch level
Note: the Qualcomm Adreno GPU kernel driver may be used in other platforms aside from Android, but the following analysis was performed with Android in mind, since Android is a high priority area of interest for Project Zero.
**First Patched Version:** Android 2021-05-01 security patch level
**Issue/Bug Report:** N/A
**Patch CL:**\
https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=d236d315145f8250523ce9e14897d62e5d6639fc \
http
CISA
Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability
cisa·2021-11-03·CVSS 5.5
CVE-2021-1906 [MEDIUM] CWE-390 Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability
Vulnerability: Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability
Affected: Qualcomm Multiple Chipsets
Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-1906
Remediation Due Date: 2021-11-17
Android
CVE-2021-1906: Display
vendor_android·2021-05-01·CVSS 6.2
CVE-2021-1906 [MEDIUM] CVE-2021-1906: Display
Android Security Bulletin 2021-05-01
CVE: CVE-2021-1906
Severity: MEDIUM
Component: Display
References: A-178810049, QC-CR#2835082
No detection rules found.
No public exploits indexed.
Qualys
Qualys Response to CISA Alert: Binding Operational Directive 22-01
blogs_qualys·2021-11-09
## Overview
On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directive 22-01, “Reducing the Significant Risk of Known Exploited Vulnerabilities.” This directive recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal government and establishes requirements for agencies to remediate
arXiv
GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes
arxiv_fulltext·2022-08-21
Mordechai Guri
Ben-Gurion University of the Negev, Israel
Department of Software and Information Systems Engineering
Cyber-Security Research Center
Demo video: http://www.covertchannels.com
A slightly modified version was accepted to 2021 18th International Conference on Privacy, Security and Trust (PST) 2021 IEEE
DOI: 10.1109/PST52912.2021.9647842
## Abstract
It is known that malware can leak data from isolated, air-gapped computers to nearby smartphones using ultrasonic waves. However, this covert channel requires access to the smartphone's microphone, which is highly protected in Android OS and iOS, and might be non-accessible, disabled, or blocked.
In
Bugzilla
CVE-2019-20392 libyang: invalid memory access when if-feature statement is used inside a list key node
bugzilla·2020-01-22·CVSS 6.5
CVE-2019-20392 [MEDIUM] CVE-2019-20392 libyang: invalid memory access when if-feature statement is used inside a list key node
An invalid memory access flaw is present in libyang up to version v1.0-r1 in function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash.
Upstream issue:
https://github.com/CESNET/libyang/issues/723
Upstream fix:
https://github.com/CESNET/libyang/commit/32fb4993bc8bb49e93e84016af3c10ea53964be5
Discussion:
This was actually fixed in RHEL-8.4.0 as part of the libyang rebase in https://access.redhat.com/errata/RHEA-2021:1906 .
2021-05-07: Published
2021-11-03: Added to CISA KEV
Exploited in the wild