CVE-2021-35075

Q: What is the severity of CVE-2021-35075?

CVE-2021-35075 has a CVSS score of 8.4 (HIGH). This vulnerability allows attackers to cause denial of service or potentially execute arbitrary code by exploiting a null pointer dereference in Qualcomm Snapdragon WDOG driver registration. It affects devices using Snapdragon Auto, Connectivity, Industrial IoT, and Mobile platforms.

8.4 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows attackers to cause denial of service or potentially execute arbitrary code by exploiting a null pointer dereference in Qualcomm Snapdragon WDOG driver registration. It affects devices using Snapdragon Auto, Connectivity, Industrial IoT, and Mobile platforms.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Connectivity
Snapdragon Industrial IOT
Snapdragon Mobile

Versions: Specific chipset versions not publicly detailed in bulletin

Operating Systems: Android, Linux-based embedded systems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices using vulnerable Qualcomm chipset firmware/drivers. Exact device models depend on OEM implementation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data exfiltration, or persistent backdoor installation.

🟠

Likely Case

Device crash or reboot causing denial of service, potentially disrupting critical operations in automotive or industrial systems.

🟢

If Mitigated

Limited impact with proper memory protection mechanisms and exploit mitigations in place.

🌐 Internet-Facing: MEDIUM - Requires specific conditions to be remotely exploitable, but affected devices may be internet-connected.

🏢 Internal Only: HIGH - Industrial and automotive systems often have critical functions where denial of service poses significant safety risks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires kernel-level access or ability to trigger specific driver operations. No public exploits known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Qualcomm February 2022 security bulletin for specific chipset patches

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin

Restart Required: Yes

Instructions:

1. Check Qualcomm bulletin for affected chipset versions. 2. Contact device manufacturer for firmware updates. 3. Apply provided patches. 4. Reboot device.

🔧 Temporary Workarounds

Disable vulnerable WDOG functionality

linux

If WDOG features are not required, disable them to prevent exploitation.

echo 0 > /sys/module/wdog_module/parameters/enable

🧯 If You Can't Patch

Implement strict access controls to prevent unauthorized kernel access
Deploy runtime memory protection solutions like ASLR and stack canaries

🔍 How to Verify

Check if Vulnerable:

Check device chipset version and compare against Qualcomm's affected list. Review kernel logs for WDOG-related crashes.

Check Version:

cat /proc/cpuinfo | grep -i qualcomm

Verify Fix Applied:

Verify firmware version has been updated to post-February 2022 patches. Test WDOG functionality stability.

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
WDOG driver crash logs
Null pointer dereference errors in dmesg

Network Indicators:

Unexpected device reboots
Service disruptions in industrial/automotive systems

SIEM Query:

source="kernel" AND ("WDOG" OR "null pointer" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2021-35075

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-476

Published: February 11, 2022

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin Patch,Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/february-2022-bulletin Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Ar8035 Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca8081 Firmware by Qualcomm

Qca8337 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Sa6145p Firmware by Qualcomm

Sa6150p Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa8145p Firmware by Qualcomm

Sa8150p Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sd 8 Gen1 5g Firmware by Qualcomm

Sd480 Firmware by Qualcomm

Sd778g Firmware by Qualcomm

Sd780g Firmware by Qualcomm

Sd888 5g Firmware by Qualcomm

Sd888 Firmware by Qualcomm

Sdx12 Firmware by Qualcomm

Sdx65 Firmware by Qualcomm

Sm6375 Firmware by Qualcomm

Sm7315 Firmware by Qualcomm

Sm7325p Firmware by Qualcomm

Wcd9335 Firmware by Qualcomm

Wcd9370 Firmware by Qualcomm

Wcd9375 Firmware by Qualcomm

Wcd9380 Firmware by Qualcomm

Wcd9385 Firmware by Qualcomm

Wcn3988 Firmware by Qualcomm

Wcn3991 Firmware by Qualcomm

Wcn3998 Firmware by Qualcomm

Wcn6740 Firmware by Qualcomm

Wcn6750 Firmware by Qualcomm

Wcn6850 Firmware by Qualcomm

Wcn6851 Firmware by Qualcomm

Wcn6855 Firmware by Qualcomm

Wcn6856 Firmware by Qualcomm

Wsa8810 Firmware by Qualcomm

Wsa8815 Firmware by Qualcomm

Wsa8830 Firmware by Qualcomm

Wsa8835 Firmware by Qualcomm