CVE-2021-1905

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto (affected versions not specified) Qualcomm Snapdragon Compute (affected versions not specified) Qualcomm Snapdragon Connectivity (affected versions not specified) Qualcomm Snapdragon Consumer IOT (affected versions not specified) Qualcomm Snapdragon Industrial IOT (affected versions not specified) Qualcomm Snapdragon Mobile (affected versions not specified) Qualcomm Snapdragon Voice & Music (affected versions not specified) Qualcomm Snapdragon Wearables (affected versions not specified)

Description The issue is related to a possible use after free due to improper handling of memory mapping of multiple processes simultaneously. This could allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For Qualcomm Snapdragon Auto, consider disabling the vulnerable memory mapping functionality until a patch is available. For Qualcomm Snapdragon Compute, restrict access to the affected memory areas to minimize the risk of exploitation. For Qualcomm Snapdragon Connectivity, avoid using the vulnerable memory mapping feature in multiple processes simultaneously until the issue is resolved. For Qualcomm Snapdragon Consumer IOT, temporarily disable the memory mapping function to prevent potential attacks. For Qualcomm Snapdragon Industrial IOT, restrict the use of the vulnerable memory mapping module to minimize the risk of exploitation. For Qualcomm Snapdragon Mobile, consider applying configuration changes to prevent the improper handling of memory mapping. For Qualcomm Snapdragon Voice & Music, avoid using the vulnerable memory mapping feature in multiple processes simultaneously until the issue is resolved. For Qualcomm Snapdragon Wearables, restrict access to the affected memory areas to minimize the risk of exploitation.