CVE-2021-30263

Name of the Vulnerable Software and Affected Versions Snapdragon Compute (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Voice & Music (affected versions not specified)

Description A possible race condition can occur due to the lack of a synchronization mechanism when the On-Device Logging node is opened twice concurrently. This issue affects various Snapdragon products, including Compute, Industrial IOT, Mobile, and Voice & Music.

Recommendations For Snapdragon Compute, consider implementing a synchronization mechanism to prevent concurrent access to the On-Device Logging node. For Snapdragon Industrial IOT, restrict concurrent openings of the On-Device Logging node until a proper synchronization mechanism is implemented. For Snapdragon Mobile, as a temporary workaround, consider disabling the On-Device Logging node when not in use to minimize the risk of exploitation. For Snapdragon Voice & Music, avoid opening the On-Device Logging node concurrently to prevent potential race conditions. At the moment, there is no information about a newer version that contains a fix for this issue.