CVE-2021-30288

Q: What is the severity of CVE-2021-30288?

CVE-2021-30288 has a CVSS score of 8.4 (HIGH). This vulnerability allows attackers to trigger a stack overflow by exploiting improper length validation of TLV (Type-Length-Value) data structures in Qualcomm Snapdragon chipsets. Successful exploitation could lead to arbitrary code execution or denial of service. Affected devices include smartphones, IoT devices, automotive systems, and networking equipment using vulnerable Snapdragon processors.

8.4 HIGH

📋 TL;DR

This vulnerability allows attackers to trigger a stack overflow by exploiting improper length validation of TLV (Type-Length-Value) data structures in Qualcomm Snapdragon chipsets. Successful exploitation could lead to arbitrary code execution or denial of service. Affected devices include smartphones, IoT devices, automotive systems, and networking equipment using vulnerable Snapdragon processors.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer Electronics Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon IoT
Snapdragon Mobile
Snapdragon Voice & Music
Snapdragon Wired Infrastructure and Networking

Versions: Specific chipset versions not detailed in public advisory

Operating Systems: Android, Linux-based embedded systems, Automotive OS variants

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in firmware/driver layer, affecting multiple device types across different industries.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges, allowing complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Denial of service causing device crashes or instability, potentially requiring physical reset.

🟢

If Mitigated

Limited impact if proper input validation and memory protections are implemented at application layer.

🌐 Internet-Facing: MEDIUM - Many affected devices are internet-connected but exploitation requires specific conditions.

🏢 Internal Only: HIGH - Internal systems using affected chipsets could be compromised through network attacks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending malformed TLV data to vulnerable components, but specific attack vectors depend on device configuration and exposed interfaces.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm October 2021 security bulletin for specific chipset updates

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates 2. Apply Qualcomm-provided patches through OEM channels 3. Reboot device after update 4. Verify patch installation

🔧 Temporary Workarounds

Network segmentation

all

Isolate affected devices from untrusted networks to limit attack surface

Input validation at application layer

all

Implement additional TLV length validation in applications using affected components

🧯 If You Can't Patch

Implement strict network access controls to limit communication with affected devices
Monitor for abnormal device behavior or crashes indicating potential exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check device chipset model and firmware version against Qualcomm's advisory. Use 'cat /proc/cpuinfo' on Linux-based systems to identify Snapdragon processors.

Check Version:

Device-specific commands vary by manufacturer. On Android: 'getprop ro.build.fingerprint' or check Settings > About Phone

Verify Fix Applied:

Verify firmware version has been updated to post-October 2021 release. Check with device manufacturer for specific patch verification procedures.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
Driver crash reports
Unexpected process termination in system logs

Network Indicators:

Unusual TLV traffic patterns to device management interfaces
Protocol anomalies in chipset communication

SIEM Query:

Search for 'kernel panic' OR 'segmentation fault' OR 'stack overflow' in device logs from Snapdragon-based systems

📊 Metadata

CVE ID: CVE-2021-30288

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: October 20, 2021

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8009 Firmware by Qualcomm

Apq8053 Firmware by Qualcomm

Apq8096au Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar8031 Firmware by Qualcomm

Ar8035 Firmware by Qualcomm

Csr8811 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Csrb31024 Firmware by Qualcomm

Ipq5010 Firmware by Qualcomm

Ipq5018 Firmware by Qualcomm

Ipq5028 Firmware by Qualcomm

Ipq6000 Firmware by Qualcomm

Ipq6005 Firmware by Qualcomm

Ipq6010 Firmware by Qualcomm

Ipq6018 Firmware by Qualcomm

Ipq6028 Firmware by Qualcomm

Ipq8070 Firmware by Qualcomm

Ipq8070a Firmware by Qualcomm

Ipq8071 Firmware by Qualcomm

Ipq8071a Firmware by Qualcomm

Ipq8072 Firmware by Qualcomm

Ipq8072a Firmware by Qualcomm

Ipq8074 Firmware by Qualcomm

Ipq8074a Firmware by Qualcomm

Ipq8076 Firmware by Qualcomm

Ipq8076a Firmware by Qualcomm

Ipq8078 Firmware by Qualcomm

Ipq8078a Firmware by Qualcomm

Ipq8173 Firmware by Qualcomm

Ipq8174 Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Pmp8074 Firmware by Qualcomm

Qca1023 Firmware by Qualcomm

Qca1062 Firmware by Qualcomm

Qca1064 Firmware by Qualcomm

Qca10901 Firmware by Qualcomm

Qca2062 Firmware by Qualcomm

Qca2064 Firmware by Qualcomm

Qca2065 Firmware by Qualcomm

Qca2066 Firmware by Qualcomm

Qca4010 Firmware by Qualcomm

Qca4020 Firmware by Qualcomm

Qca4024 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6310 Firmware by Qualcomm

Qca6335 Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6420 Firmware by Qualcomm

Qca6421 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6428 Firmware by Qualcomm

Qca6430 Firmware by Qualcomm

Qca6431 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6438 Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6694 Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8072 Firmware by Qualcomm

Qca8075 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca9369 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qca9379 Firmware by Qualcomm

Qca9888 Firmware by Qualcomm

Qca9889 Firmware by Qualcomm

Qca9984 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm