CVE-2021-1933
published 2021-09-09CVE-2021-1933: UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — |
Android
CVE-2021-1933: Closed-source component
vendor_android·2021-09-01·CVSS 9.8
CVE-2021-1933 [CRITICAL] CVE-2021-1933: Closed-source component
Android Security Bulletin 2021-09-01
CVE: CVE-2021-1933
Severity: CRITICAL
Component: Closed-source component
References: A-181682124
*
GHSA
GHSA-rqjw-5w3g-3rjv: UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, S
ghsa_unreviewed·2022-05-24
CVE-2021-1933 [CRITICAL] CWE-129 GHSA-rqjw-5w3g-3rjv: UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, S
UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
No detection rules found.
No public exploits indexed.
Qualys
Google Android September 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices
blogs_qualys·2021-09-20·CVSS 5.0
[MEDIUM] Google Android September 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices
The recently released Android Security Bulletin for September 2021 addresses 40 vulnerabilities, out of which 7 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities also affect Kernel components, MediaTek, Unisoc components, QUALCOMM components, and QUALCOMM closed-source components.
## QUALCOMM Closed-source Components Improper Validation of Array Index Vulnerability
Google released a patch to fix an improper validation of array index critical vulnerability (CVE-2021-1933). This vulnerability has a CVSSv3.1 base score of 9.8, and successful exploitation of the vulnerability allows a remote attacker to trigger memory corruption and execute arbitrary code on
Qualys
Google Android September 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices | Qualys
blogs_qualys·2021-09-20·CVSS 5.0
[MEDIUM] Google Android September 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices | Qualys
The recently released Android Security Bulletin for September 2021 addresses 40 vulnerabilities, out of which 7 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities also affect Kernel components, MediaTek, Unisoc components, QUALCOMM components, and QUALCOMM closed-source components.
### QUALCOMM Closed-source Components Improper Validation of Array Index Vulnerability
Google released a patch to fix an improper validation of array index critical vulnerability (CVE-2021-1933). This vulnerability has a CVSSv3.1 base score of 9.8, and successful exploitation of the vulnerability allows a remote attacker to trigger memory corruption and execute arbitrary code on
2021-09-09
Published