CVE-2021-1985

Q: What is the severity of CVE-2021-1985?

CVE-2021-1985 has a CVSS score of 8.4 (HIGH). This vulnerability is a buffer over-read in Qualcomm's QVR Service configuration affecting multiple Snapdragon platforms. It allows attackers to read memory beyond allocated buffers, potentially exposing sensitive information. Affected devices include Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, and Wearables.

8.4 HIGH

Buffer Overflow

📋 TL;DR

This vulnerability is a buffer over-read in Qualcomm's QVR Service configuration affecting multiple Snapdragon platforms. It allows attackers to read memory beyond allocated buffers, potentially exposing sensitive information. Affected devices include Snapdragon Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, and Wearables.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Wearables

Versions: Multiple Snapdragon chipset versions

Operating Systems: Android-based systems, Linux-based systems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with QVR Service enabled. Specific chipset models and firmware versions vary by manufacturer implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data exfiltration, or persistent backdoor installation.

🟠

Likely Case

Information disclosure through memory leaks, potentially exposing sensitive data like encryption keys or credentials.

🟢

If Mitigated

Limited impact with proper memory protections and exploit mitigations in place.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access or ability to interact with QVR Service. No public exploit code available as of knowledge cutoff.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Varies by device manufacturer and chipset

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply Qualcomm-provided patches through OEM updates. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Disable QVR Service

android

If QVR functionality is not required, disable the service to remove attack surface.

adb shell pm disable com.qualcomm.qvrservice
systemctl stop qvr-service (if applicable)

Restrict Service Permissions

android

Limit which applications can interact with QVR Service.

Use Android's permission management or SELinux policies

🧯 If You Can't Patch

Network segmentation to isolate affected devices
Implement strict access controls to limit who can interact with vulnerable services

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against manufacturer security bulletins. Look for QVR Service running on device.

Check Version:

adb shell getprop ro.build.fingerprint (Android) or check device settings

Verify Fix Applied:

Verify firmware version has been updated to patched version from manufacturer. Confirm QVR Service version if possible.

📡 Detection & Monitoring

Log Indicators:

Unusual QVR Service crashes
Memory access violations in system logs
Unexpected process spawning from QVR context

Network Indicators:

Unexpected network connections from QVR Service
Anomalous data exfiltration patterns

SIEM Query:

process_name:"qvr-service" AND (event_type:crash OR memory_violation)

📊 Metadata

CVE ID: CVE-2021-1985

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-125

Published: October 20, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8017 Firmware by Qualcomm

Apq8053 Firmware by Qualcomm

Apq8064au Firmware by Qualcomm

Apq8096au Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Msm8917 Firmware by Qualcomm

Msm8953 Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6320 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qcs603 Firmware by Qualcomm

Qcs605 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qcs6125 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Qualcomm215 Firmware by Qualcomm

Sd 455 Firmware by Qualcomm

Sd 636 Firmware by Qualcomm

Sd 675 Firmware by Qualcomm

Sd205 Firmware by Qualcomm

Sd210 Firmware by Qualcomm

Sd429 Firmware by Qualcomm

Sd439 Firmware by Qualcomm

Sd460 Firmware by Qualcomm

Sd480 Firmware by Qualcomm

Sd632 Firmware by Qualcomm

Sd662 Firmware by Qualcomm

Sd665 Firmware by Qualcomm

Sd675 Firmware by Qualcomm

Sd678 Firmware by Qualcomm

Sd690 5g Firmware by Qualcomm

Sd720g Firmware by Qualcomm

Sd730 Firmware by Qualcomm

Sd750g Firmware by Qualcomm

Sd765 Firmware by Qualcomm

Sd765g Firmware by Qualcomm

Sd768g Firmware by Qualcomm

Sd778g Firmware by Qualcomm

Sd780g Firmware by Qualcomm

Sd855 Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sd870 Firmware by Qualcomm

Sd888 5g Firmware by Qualcomm

Sd888 Firmware by Qualcomm

Sdm630 Firmware by Qualcomm

Sdx50m Firmware by Qualcomm

Sdx55 Firmware by Qualcomm

Sdx55m Firmware by Qualcomm

Sdxr1 Firmware by Qualcomm

Sdxr2 5g Firmware by Qualcomm

Sm4125 Firmware by Qualcomm

Sm6250 Firmware by Qualcomm

Sm6250p Firmware by Qualcomm

Sm7250 Firmware by Qualcomm

Sm7325 Firmware by Qualcomm

Wcd9370 Firmware by Qualcomm

Wcd9371 Firmware by Qualcomm

Wcd9375 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm