CVE-2021-35093 : Security Advisory and Response

Learn about CVE-2021-35093 impacting BlueCore by Qualcomm, involving memory corruption in Bluetooth controller firmware. Explore its impact, technical details, and mitigation steps.

Possible memory corruption in the BT controller when it receives an oversized LMP packet over a 2-DH1 link, leading to denial of service in BlueCore.

Understanding CVE-2021-35093

CVE-2021-35093 describes a vulnerability in the BlueCore product of Qualcomm, Inc., related to memory corruption in the Bluetooth controller firmware.

What is CVE-2021-35093?

CVE-2021-35093 involves potential memory corruption in the Bluetooth controller of certain BlueCore versions, leading to a denial of service when an oversized LMP packet is received over a 2-DH1 link.

The Impact of CVE-2021-35093

The vulnerability is rated medium severity, with a CVSS base score of 6.5. If exploited, it can result in a high availability impact.

Technical Details of CVE-2021-35093

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability arises from memory corruption in the Bluetooth controller firmware, triggered by receiving an oversized LMP packet over a 2-DH1 link.

Affected Systems and Versions

The affected product is BlueCore by Qualcomm, Inc., specifically versions CSR8510 A10 and CSR8811 A12.

Exploitation Mechanism

The vulnerability can be exploited by sending a specially crafted oversized LMP packet to the Bluetooth controller, causing memory corruption and subsequent denial of service.

Mitigation and Prevention

Protecting systems against CVE-2021-35093 requires immediate actions as well as long-term security measures.

Immediate Steps to Take

Immediately apply patches provided by Qualcomm, Inc. to mitigate the vulnerability. Monitor for unusual activity related to Bluetooth communications.

Long-Term Security Practices

Regularly update firmware and software to the latest versions. Implement network segmentation and access controls to limit exposure to potential attacks.

Patching and Updates

Stay informed about security bulletins from Qualcomm, Inc. and apply patches promptly to safeguard against known vulnerabilities.
