CVEs-PoC/2021/CVE-2021-30297.md

### [CVE-2021-30297](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30297)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Compute%2C%20Snapdragon%20Connectivity%2C%20Snapdragon%20Consumer%20IOT%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Wearables&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Copy%20Without%20Checking%20Size%20of%20Input%20in%20VR%20Service&color=brighgreen)

### Description

Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/october-2021-bulletin

#### Github
No PoCs found on GitHub currently.