CISA Known Exploited Vulnerability

CVE-2021-1905

Qualcomm · Multiple Chipsets

Qualcomm Multiple Chipsets Use-After-Free Vulnerability

Date added 2021-11-03

BOD 22-01 due date 2022-05-03

CWE CWE-416

Ransomware Unknown

CISA description

Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.

Apply updates per vendor instructions.

Vulnerability data triggers these controls during assessment and continuous monitoring.