CVE-2021-35109Improper Input Validation in Google Android

CWE-20Improper Input Validation3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.1%
top 78.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Android
Timeline
PublishedSep 2
Latest updateNov 1

Description

Possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in Snapdragon Connectivity, Snapdragon Mobile

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-m483-27j2-x8qg: Possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in Snapdragon Connectivity, Snap2022-09-03

📋Vendor Advisories

1
Android
CVE-2021-35109: Closed-source component2022-11-01