CVEs-PoC/2021/CVE-2021-1961.md

### [CVE-2021-1961](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1961)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Compute%2C%20Snapdragon%20Connectivity%2C%20Snapdragon%20Consumer%20IOT%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Voice%20%26%20Music%2C%20Snapdragon%20Wearables&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=APQ8009%2C%20APQ8053%2C%20APQ8096AU%2C%20AQT1000%2C%20AR8031%2C%20AR8035%2C%20CSRA6620%2C%20CSRA6640%2C%20FSM10055%2C%20FSM10056%2C%20MDM9150%2C%20MDM9206%2C%20MDM9640%2C%20MDM9650%2C%20MSM8953%2C%20MSM8996AU%2C%20QCA6174A%2C%20QCA6390%2C%20QCA6391%2C%20QCA6420%2C%20QCA6421%2C%20QCA6426%2C%20QCA6430%2C%20QCA6431%2C%20QCA6436%2C%20QCA6564A%2C%20QCA6564AU%2C%20QCA6574%2C%20QCA6574A%2C%20QCA6574AU%2C%20QCA6584AU%2C%20QCA6595%2C%20QCA6595AU%2C%20QCA6696%2C%20QCA8337%2C%20QCA9367%2C%20QCA9377%2C%20QCM2290%2C%20QCM4290%2C%20QCM6125%2C%20QCS2290%2C%20QCS405%2C%20QCS410%2C%20QCS4290%2C%20QCS605%2C%20QCS610%2C%20QCS6125%2C%20QRB5165%2C%20QSM8250%2C%20Qualcomm215%2C%20SA6145P%2C%20SA6150P%2C%20SA6155%2C%20SA6155P%2C%20SA8145P%2C%20SA8150P%2C%20SA8155%2C%20SA8155P%2C%20SA8195P%2C%20SD%208C%2C%20SD%208CX%2C%20SD205%2C%20SD210%2C%20SD460%2C%20SD480%2C%20SD662%2C%20SD665%2C%20SD690%205G%2C%20SD720G%2C%20SD750G%2C%20SD765%2C%20SD765G%2C%20SD768G%2C%20SD778G%2C%20SD780G%2C%20SD855%2C%20SD865%205G%2C%20SD870%2C%20SD888%205G%2C%20SDA429W%2C%20SDX12%2C%20SDX55%2C%20SDX55M%2C%20SDXR2%205G%2C%20SM6250%2C%20SM7250P%2C%20SM7315%2C%20SM7325P%2C%20WCD9326%2C%20WCD9330%2C%20WCD9335%2C%20WCD9340%2C%20WCD9341%2C%20WCD9370%2C%20WCD9375%2C%20WCD9380%2C%20WCD9385%2C%20WCN3610%2C%20WCN3615%2C%20WCN3620%2C%20WCN3660B%2C%20WCN3680%2C%20WCN3680B%2C%20WCN3910%2C%20WCN3950%2C%20WCN3980%2C%20WCN3988%2C%20WCN3990%2C%20WCN3991%2C%20WCN3998%2C%20WCN3999%2C%20WCN6740%2C%20WCN6750%2C%20WCN6%20...%5Btruncated*%5D%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Copy%20Without%20Checking%20Size%20of%20Input%20in%20HLOS&color=brightgreen)

### Description

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/september-2021-bulletin

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/BlackTom900131/awesome-game-security
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/WhooAmii/POC_to_review
- https://github.com/gmh5225/awesome-game-security
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kdn111/linux-kernel-exploitation
- https://github.com/khanhdn111/linux-kernel-exploitation
- https://github.com/khanhdz-06/linux-kernel-exploitation
- https://github.com/khanhdz191/linux-kernel-exploitation
- https://github.com/khanhhdz/linux-kernel-exploitation
- https://github.com/khanhhdz06/linux-kernel-exploitation
- https://github.com/khanhnd123/linux-kernel-exploitation
- https://github.com/khnhdz/linux-kernel-exploitation
- https://github.com/knd06/linux-kernel-exploitation
- https://github.com/manas3c/CVE-POC
- https://github.com/nanaroam/kaditaroam
- https://github.com/ndk06/linux-kernel-exploitation
- https://github.com/ndk191/linux-kernel-exploitation
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/robertfischman/game-security
- https://github.com/ssr-111/linux-kernel-exploitation
- https://github.com/tamirzb/CVE-2021-1961
- https://github.com/trevor0106/game-security
- https://github.com/trhacknon/Pocingit
- https://github.com/whoforget/CVE-POC
- https://github.com/wkhnh06/linux-kernel-exploitation
- https://github.com/xairy/linux-kernel-exploitation
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve