CVE-2021-1906 — Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability

2021-11-03 • CISA Known Exploited Vulnerability

[event] Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.

> AFFECTED SOFTWARE

Field	Value
Vendor	Qualcomm
Product	Multiple Chipsets
CWE	CWE-390
CVE ID	CVE-2021-1906
Date Added	2021-11-03
Due Date	2021-11-17
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2021-11-17

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-1906