CVE-2021-35100

Q: What is the severity of CVE-2021-35100?

CVE-2021-35100 has a CVSS score of 7.5 (HIGH). This vulnerability is a buffer over-read in Qualcomm Snapdragon chipsets when parsing ID3 tags in media files. It allows attackers to read memory beyond allocated buffers, potentially exposing sensitive information. Affected devices include smartphones, wearables, automotive systems, and IoT devices using vulnerable Snapdragon components.

7.5 HIGH

Buffer Overflow

📋 TL;DR

This vulnerability is a buffer over-read in Qualcomm Snapdragon chipsets when parsing ID3 tags in media files. It allows attackers to read memory beyond allocated buffers, potentially exposing sensitive information. Affected devices include smartphones, wearables, automotive systems, and IoT devices using vulnerable Snapdragon components.

💻 Affected Systems

Products:

Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer IOT
Snapdragon Industrial IOT
Snapdragon Mobile
Snapdragon Voice & Music
Snapdragon Wearables

Versions: Specific chipset versions not detailed in bulletin; check Qualcomm advisory for exact affected silicon revisions.

Operating Systems: Android, Linux-based embedded systems, Automotive OS variants

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability is in firmware/driver layer, affecting multiple device types across Qualcomm's product lines. Exact impact depends on how media parsing is implemented in each device.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Information disclosure through memory leaks, potentially exposing sensitive data like encryption keys or user information.

🟢

If Mitigated

Denial of service through application crashes or limited information disclosure if memory protections are enabled.

🌐 Internet-Facing: MEDIUM - Requires processing malicious media files, which could come from untrusted sources like downloads or messaging apps.

🏢 Internal Only: LOW - Primarily affects client devices rather than internal infrastructure servers.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting malicious media files with specially crafted ID3 tags. No public exploit code is known, but the vulnerability is in widely deployed hardware.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to device manufacturer updates - Qualcomm has provided fixes to OEM partners.

Vendor Advisory: https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin

Restart Required: Yes

Instructions:

1. Check with device manufacturer for security updates. 2. Apply available firmware/OS updates. 3. For embedded systems, contact Qualcomm or OEM for patched firmware images. 4. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict media file sources

all

Limit media file processing to trusted sources only

Disable automatic media parsing

all

Configure applications to not automatically parse media metadata

🧯 If You Can't Patch

Network segmentation to isolate vulnerable devices from untrusted networks
Implement application allowlisting to restrict which apps can process media files

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against manufacturer security bulletins. Use 'getprop ro.build.fingerprint' on Android devices to check build information.

Check Version:

Android: 'getprop ro.build.version.security_patch' or 'getprop ro.vendor.build.security_patch'

Verify Fix Applied:

Verify security patch level is April 2022 or later. Check for Qualcomm security bulletin mentions in update notes.

📡 Detection & Monitoring

Log Indicators:

Media application crashes
Kernel panic logs related to audio/video processing
Memory access violation errors

Network Indicators:

Unusual media file downloads from suspicious sources
Multiple failed media parsing attempts

SIEM Query:

Process crashes with module names containing 'audio', 'media', or 'qcom' combined with memory access violation error codes

📊 Metadata

CVE ID: CVE-2021-35100

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-125

Published: June 14, 2022

Last Updated: November 21, 2024

🔗 References

https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Apq8009w Firmware by Qualcomm

Apq8017 Firmware by Qualcomm

Apq8064au Firmware by Qualcomm

Apq8096au Firmware by Qualcomm

Aqt1000 Firmware by Qualcomm

Ar8031 Firmware by Qualcomm

Csra6620 Firmware by Qualcomm

Csra6640 Firmware by Qualcomm

Fsm10055 Firmware by Qualcomm

Fsm10056 Firmware by Qualcomm

Mdm9206 Firmware by Qualcomm

Mdm9250 Firmware by Qualcomm

Mdm9607 Firmware by Qualcomm

Mdm9628 Firmware by Qualcomm

Msm8909w Firmware by Qualcomm

Msm8996au Firmware by Qualcomm

Qca6174a Firmware by Qualcomm

Qca6390 Firmware by Qualcomm

Qca6391 Firmware by Qualcomm

Qca6426 Firmware by Qualcomm

Qca6436 Firmware by Qualcomm

Qca6564a Firmware by Qualcomm

Qca6564au Firmware by Qualcomm

Qca6574 Firmware by Qualcomm

Qca6574a Firmware by Qualcomm

Qca6574au Firmware by Qualcomm

Qca6584au Firmware by Qualcomm

Qca6595au Firmware by Qualcomm

Qca6696 Firmware by Qualcomm

Qca9367 Firmware by Qualcomm

Qca9377 Firmware by Qualcomm

Qcm2290 Firmware by Qualcomm

Qcm4290 Firmware by Qualcomm

Qcm6125 Firmware by Qualcomm

Qcm6490 Firmware by Qualcomm

Qcs2290 Firmware by Qualcomm

Qcs405 Firmware by Qualcomm

Qcs410 Firmware by Qualcomm

Qcs4290 Firmware by Qualcomm

Qcs603 Firmware by Qualcomm

Qcs605 Firmware by Qualcomm

Qcs610 Firmware by Qualcomm

Qcs6125 Firmware by Qualcomm

Qcs6490 Firmware by Qualcomm

Qualcomm215 Firmware by Qualcomm

Sa6145p Firmware by Qualcomm

Sa6150p Firmware by Qualcomm

Sa6155 Firmware by Qualcomm

Sa6155p Firmware by Qualcomm

Sa8145p Firmware by Qualcomm

Sa8150p Firmware by Qualcomm

Sa8155 Firmware by Qualcomm

Sa8155p Firmware by Qualcomm

Sa8195p Firmware by Qualcomm

Sd 675 Firmware by Qualcomm

Sd 8 Gen1 5g Firmware by Qualcomm

Sd205 Firmware by Qualcomm

Sd210 Firmware by Qualcomm

Sd429 Firmware by Qualcomm

Sd460 Firmware by Qualcomm

Sd480 Firmware by Qualcomm

Sd662 Firmware by Qualcomm

Sd675 Firmware by Qualcomm

Sd678 Firmware by Qualcomm

Sd690 5g Firmware by Qualcomm

Sd720g Firmware by Qualcomm

Sd730 Firmware by Qualcomm

Sd750g Firmware by Qualcomm

Sd765 Firmware by Qualcomm

Sd765g Firmware by Qualcomm

Sd768g Firmware by Qualcomm

Sd778g Firmware by Qualcomm

Sd780g Firmware by Qualcomm

Sd855 Firmware by Qualcomm

Sd865 5g Firmware by Qualcomm

Sd870 Firmware by Qualcomm

Sd888 5g Firmware by Qualcomm