Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
総合評価: CVE-2021-1905 は在野悪用が確認された重大脅威(80.9/100)。CVSS 深刻度は高。悪用される可能性が高い(EPSS 1.15%、63 パーセンタイル) 根拠: CISA KEV に登録(追加日 2021-11-03)。Qualcomm / Multiple Chipsets が対象で、弱点分類 CWE-416の悪用が確認されています。未認証でリモート管理権限を奪取されるリスクが極めて高い。 推奨対応: CISA の対応期限を過ぎています。緊急のパッチ適用を最優先に検討してください。
リスクは変動します。再評価に基づき、本ページの表示内容を更新しています。
: Qualcomm Multiple Chipsets Use-After-Free Vulnerability · CISA KEV の詳細
: 2021-11-03
: 2022-05-03
: Apply updates per vendor instructions.
EPSS は日次で悪用されやすさの相対度合いを推定します。パーセンタイルは採点済み CVE の中での相対位置(高いほど相対的に深刻)を示します。
| # | 日付 | 旧 EPSS スコア | 新 EPSS スコア | Δ(新 − 旧) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.76% | 1.15% | +0.39% |
| 2 | 2026-06-01 | 0.65% | 0.76% | +0.11% |
| 3 | 2026-04-20 | — | 0.65% | — |
EPSS の全履歴 (全 24 件)
この CVE の CVSS 指標。
| ベーススコア | バージョン | 深刻度 | ベクトル | 悪用しやすさ | 影響 | スコアの出典 |
|---|---|---|---|---|---|---|
| 8.4 | 3.1 | HIGH |
|
2.5 | 5.9 | [email protected] |
| 7.8 | 3.1 | HIGH |
|
1.8 | 5.9 | [email protected] |
| 7.2 | 2.0 | HIGH |
|
3.9 | 10.0 | [email protected] |
| ベンダー | 製品 | バージョン | 生の CPE |
|---|---|---|---|
| qualcomm | apq8009_firmware | — | cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:* |
| qualcomm | apq8009w_firmware | — | cpe:2.3:o:qualcomm:apq8009w_firmware:-:*:*:*:*:*:*:* |
| qualcomm | apq8017_firmware | — | cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:* |
| qualcomm | apq8053_firmware | — | cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:* |
| qualcomm | apq8064au_firmware | — | cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | apq8096au_firmware | — | cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | aqt1000_firmware | — | cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8031_firmware | — | cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8035_firmware | — | cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8151_firmware | — | cpe:2.3:o:qualcomm:ar8151_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6620_firmware | — | cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6640_firmware | — | cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fsm10055_firmware | — | cpe:2.3:o:qualcomm:fsm10055_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fsm10056_firmware | — | cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9206_firmware | — | cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9607_firmware | — | cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9626_firmware | — | cpe:2.3:o:qualcomm:mdm9626_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9628_firmware | — | cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9650_firmware | — | cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* |
| qualcomm | msm8909w_firmware | — | cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:* |
| qualcomm | msm8917_firmware | — | cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:* |
| qualcomm | msm8953_firmware | — | cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:* |
| qualcomm | msm8996au_firmware | — | cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm215_firmware | — | cpe:2.3:o:qualcomm:pm215_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm3003a_firmware | — | cpe:2.3:o:qualcomm:pm3003a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm4125_firmware | — | cpe:2.3:o:qualcomm:pm4125_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm4250_firmware | — | cpe:2.3:o:qualcomm:pm4250_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm439_firmware | — | cpe:2.3:o:qualcomm:pm439_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm456_firmware | — | cpe:2.3:o:qualcomm:pm456_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm6125_firmware | — | cpe:2.3:o:qualcomm:pm6125_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm6150_firmware | — | cpe:2.3:o:qualcomm:pm6150_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm6150a_firmware | — | cpe:2.3:o:qualcomm:pm6150a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm6150l_firmware | — | cpe:2.3:o:qualcomm:pm6150l_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm6250_firmware | — | cpe:2.3:o:qualcomm:pm6250_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm6350_firmware | — | cpe:2.3:o:qualcomm:pm6350_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm640a_firmware | — | cpe:2.3:o:qualcomm:pm640a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm640l_firmware | — | cpe:2.3:o:qualcomm:pm640l_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm640p_firmware | — | cpe:2.3:o:qualcomm:pm640p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm660_firmware | — | cpe:2.3:o:qualcomm:pm660_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm660a_firmware | — | cpe:2.3:o:qualcomm:pm660a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm660l_firmware | — | cpe:2.3:o:qualcomm:pm660l_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm670_firmware | — | cpe:2.3:o:qualcomm:pm670_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm670a_firmware | — | cpe:2.3:o:qualcomm:pm670a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm670l_firmware | — | cpe:2.3:o:qualcomm:pm670l_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm7150a_firmware | — | cpe:2.3:o:qualcomm:pm7150a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm7150l_firmware | — | cpe:2.3:o:qualcomm:pm7150l_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm7250_firmware | — | cpe:2.3:o:qualcomm:pm7250_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm7250b_firmware | — | cpe:2.3:o:qualcomm:pm7250b_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8004_firmware | — | cpe:2.3:o:qualcomm:pm8004_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8005_firmware | — | cpe:2.3:o:qualcomm:pm8005_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8008_firmware | — | cpe:2.3:o:qualcomm:pm8008_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8009_firmware | — | cpe:2.3:o:qualcomm:pm8009_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8150_firmware | — | cpe:2.3:o:qualcomm:pm8150_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8150a_firmware | — | cpe:2.3:o:qualcomm:pm8150a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8150b_firmware | — | cpe:2.3:o:qualcomm:pm8150b_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8150c_firmware | — | cpe:2.3:o:qualcomm:pm8150c_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8150l_firmware | — | cpe:2.3:o:qualcomm:pm8150l_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8250_firmware | — | cpe:2.3:o:qualcomm:pm8250_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8350_firmware | — | cpe:2.3:o:qualcomm:pm8350_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8350b_firmware | — | cpe:2.3:o:qualcomm:pm8350b_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8350bh_firmware | — | cpe:2.3:o:qualcomm:pm8350bh_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8350c_firmware | — | cpe:2.3:o:qualcomm:pm8350c_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm855_firmware | — | cpe:2.3:o:qualcomm:pm855_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm855a_firmware | — | cpe:2.3:o:qualcomm:pm855a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm855b_firmware | — | cpe:2.3:o:qualcomm:pm855b_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm855l_firmware | — | cpe:2.3:o:qualcomm:pm855l_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm855p_firmware | — | cpe:2.3:o:qualcomm:pm855p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8909_firmware | — | cpe:2.3:o:qualcomm:pm8909_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8916_firmware | — | cpe:2.3:o:qualcomm:pm8916_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8937_firmware | — | cpe:2.3:o:qualcomm:pm8937_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8953_firmware | — | cpe:2.3:o:qualcomm:pm8953_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pm8998_firmware | — | cpe:2.3:o:qualcomm:pm8998_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pmc1000h_firmware | — | cpe:2.3:o:qualcomm:pmc1000h_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pmd9607_firmware | — | cpe:2.3:o:qualcomm:pmd9607_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pmd9655_firmware | — | cpe:2.3:o:qualcomm:pmd9655_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pme605_firmware | — | cpe:2.3:o:qualcomm:pme605_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pmi632_firmware | — | cpe:2.3:o:qualcomm:pmi632_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pmi8937_firmware | — | cpe:2.3:o:qualcomm:pmi8937_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pmi8952_firmware | — | cpe:2.3:o:qualcomm:pmi8952_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pmi8998_firmware | — | cpe:2.3:o:qualcomm:pmi8998_firmware:-:*:*:*:*:*:*:* |
| URL | タグ |
|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin | Patch Vendor Advisory |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-1905 | US Government Resource |