CVE-2021-35088
📋 TL;DR
This vulnerability allows attackers to read memory beyond intended boundaries during Wi-Fi SSID information element parsing when using DFS channels on affected Qualcomm Snapdragon chipsets. Successful exploitation could lead to information disclosure or system crashes. Affects numerous Qualcomm Snapdragon platforms across automotive, mobile, IoT, and networking devices.
💻 Affected Systems
- Snapdragon Auto
- Snapdragon Compute
- Snapdragon Connectivity
- Snapdragon Consumer IOT
- Snapdragon Industrial IOT
- Snapdragon Mobile
- Snapdragon Wearables
- Snapdragon Wired Infrastructure and Networking
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation
Likely Case
Denial of service through system crashes or information disclosure via memory leaks
If Mitigated
Limited impact with proper network segmentation and exploit mitigations like ASLR
🎯 Exploit Status
Requires attacker to be within Wi-Fi range and device to be using DFS channels. No public exploits known as of March 2022 advisory.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Refer to Qualcomm March 2022 security bulletin for specific chipset firmware updates
Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin
Restart Required: Yes
Instructions:
1. Check device manufacturer for firmware updates. 2. Apply Qualcomm-provided firmware patches. 3. Reboot device. 4. Verify patch installation through version checks.
🔧 Temporary Workarounds
Disable DFS channel usage
allConfigure Wi-Fi to avoid Dynamic Frequency Selection channels
# Configuration varies by device - check Wi-Fi settings for channel selection
Disable Wi-Fi when not needed
allTurn off Wi-Fi radios on affected devices when wireless connectivity is not required
# Use device settings to disable Wi-Fi
# Command varies by platform: nmcli radio wifi off (Linux)
netsh interface set interface "Wi-Fi" admin=disable (Windows)
🧯 If You Can't Patch
- Segment affected devices on isolated network segments
- Implement strict network access controls and monitor for unusual Wi-Fi traffic patterns
🔍 How to Verify
Check if Vulnerable:
Check device chipset model and firmware version against Qualcomm's affected products listCheck Version:
# Android: getprop ro.bootloader or getprop ro.build.fingerprint
# Linux: cat /proc/cpuinfo | grep -i qualcommVerify Fix Applied:
Verify firmware version has been updated to post-March 2022 patches from device manufacturer📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- Wi-Fi driver crash logs
- Unexpected memory access errors in system logs
Network Indicators:
- Unusual Wi-Fi probe requests on DFS channels
- Malformed 802.11 frames targeting SSID information elements
SIEM Query:
source="*kernel*" AND ("panic" OR "oops" OR "segfault") AND ("wlan" OR "wifi" OR "802.11")