PT-2022-9976 · Qualcomm · Snapdragon Industrial Iot+4
Published
2022-01-13
·
Updated
2023-04-19
·
CVE-2021-30307
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Snapdragon Auto (affected versions not specified)
Snapdragon Compute (affected versions not specified)
Snapdragon Connectivity (affected versions not specified)
Snapdragon Consumer IOT (affected versions not specified)
Snapdragon Industrial IOT (affected versions not specified)
Description
The issue is related to a possible denial of service due to improper validation of DNS response when the DNS client requests with PTR, NAPTR, or SRV query type.
Recommendations
For Snapdragon Auto, update to a version that properly validates DNS responses for PTR, NAPTR, or SRV query types.
For Snapdragon Compute, update to a version that properly validates DNS responses for PTR, NAPTR, or SRV query types.
For Snapdragon Connectivity, update to a version that properly validates DNS responses for PTR, NAPTR, or SRV query types.
For Snapdragon Consumer IOT, update to a version that properly validates DNS responses for PTR, NAPTR, or SRV query types.
For Snapdragon Industrial IOT, update to a version that properly validates DNS responses for PTR, NAPTR, or SRV query types.
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer Iot
Snapdragon Industrial Iot