CVE-2020-3702 (GCVE-0-2020-3702)
Vulnerability from cvelistv5
Published
2020-09-08 09:31
Modified
2024-08-04 07:44
Severity ?
CWE
  • Cryptographic Issues in WIFI driver(Krook)
Summary
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
References
product-security@qualcomm.comhttps://lists.debian.org/debian-lts-announce/2021/10/msg00010.htmlMailing List, Third Party Advisory
product-security@qualcomm.comhttps://lists.debian.org/debian-lts-announce/2021/12/msg00012.htmlMailing List, Third Party Advisory
product-security@qualcomm.comhttps://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58Third Party Advisory
product-security@qualcomm.comhttps://www.debian.org/security/2021/dsa-4978Third Party Advisory
product-security@qualcomm.comhttps://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/10/msg00010.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/12/msg00012.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4978Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinVendor Advisory
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Version: APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:44:50.151Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58"
          },
          {
            "name": "DSA-4978",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4978"
          },
          {
            "name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "u\u0027Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cryptographic Issues in WIFI driver(Krook)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-17T00:06:47",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58"
        },
        {
          "name": "DSA-4978",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4978"
        },
        {
          "name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2020-3702",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "u\u0027Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cryptographic Issues in WIFI driver(Krook)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58",
              "refsource": "CONFIRM",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58"
            },
            {
              "name": "DSA-4978",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2021/dsa-4978"
            },
            {
              "name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
            },
            {
              "name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2020-3702",
    "datePublished": "2020-09-08T09:31:47",
    "dateReserved": "2019-12-17T00:00:00",
    "dateUpdated": "2024-08-04T07:44:50.151Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-3702\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2020-09-08T10:15:16.340\",\"lastModified\":\"2024-11-21T05:31:36.317\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"u\u0027Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic\u0027 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150\"},{\"lang\":\"es\",\"value\":\"Un tr\u00e1fico espec\u00edficamente sincronizado y dise\u00f1ado puede causar errores internos en un dispositivo WLAN que conllevan a un cifrado inapropiado del Wi-Fi de capa 2 con la consiguiente posibilidad de divulgaci\u00f3n de informaci\u00f3n sobre el aire para un conjunto discreto de tr\u00e1fico en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026amp; Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking versiones APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":3.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-319\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B052615D-857A-46D4-9098-1CBFA14687C6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19B59B60-A298-4A56-A45A-E34B7AAB43D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94CB547F-0078-47CD-B511-06DE96882D5A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA679375-BB14-4B24-8AD9-B2BFBACE2FDB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A1CC1C1-F2CA-4C43-B9E9-1288C3496C7B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC82552A-9E7C-4A13-B7A5-43CEA218675C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE28A59C-7AA6-4B85-84E8-07852B96108E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DEE828B-09A7-4AC1-8134-491A7C87C118\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CA1E7B0-782B-4757-B118-802943798984\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95CB08EC-AE12-4A54-AA3C-998F01FC8763\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qca9531_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E71452E6-551F-4E93-9951-2582C60BDFCE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qca9531:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D69FB0E-FDFF-42B8-ADAD-797B7C91E979\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcn5502_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D33E62D2-931E-465C-BC8E-71FB36CF6E36\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcn5502:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"254F1AB0-C21A-41A6-9B9B-ED074A4C9EBD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36F5A18B-8C9E-4A38-B994-E3E2696BB83D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B703667D-DE09-40AF-BA44-E0E56252A790\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0CE1B23-6FE3-41C4-B264-C7A9E8BDBEC1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"794BA13C-3C63-4695-AA45-676F85D904BE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABE492A-3755-4969-9DEB-4B85EBB84644\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3D3787B-6ACC-4591-B041-01307ED66C36\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:qualcomm:sm7150_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63A748F-2236-4486-83F1-DE4BCBE5D56D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:sm7150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"184F3DFC-27E8-48AC-B46C-C589DBCBF030\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arista:access_point:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.8.3-12\",\"matchCriteriaId\":\"5B3CF23B-9C45-4B3F-B077-02CC699A1DC5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:av2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74E5E321-2714-46FF-8F3F-4958EE7B3A5E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EE26D5A-486B-48F3-9C1C-4EE3FD8F0234\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c75-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E2ACBF3-F2B2-414E-92AE-20E4E80636B5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F9E4B2-63FC-4F53-9C12-7478B7B6AD48\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:o90e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CBAB8F1-1F56-4695-8F86-9AA994C4A6C0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F03BB48-C89A-41F6-99DE-12FF95DCD9F2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4978\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}