← Back

CVE-2020-11120

nvd nist
Published: Sep 8, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data buffer may not be valid and will lead to use after free scenario' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, APQ8098, Bitra, Kamorta, MSM8917, MSM8953, MSM8998, QCM2150, QCS405, QCS605, QM215, Rennell, Saipan, SDM429, SDM439, SDM450, SDM632, SM6150, SM7150, SM8150, SM8250, SXR2130

Affected (22)

Qualcomm
22 products
Apq8096au Firmware
Apq8098 Firmware
Bitra Firmware
Kamorta Firmware
Msm8917 Firmware
Msm8953 Firmware
Msm8998 Firmware
Qcm2150 Firmware
Qcs405 Firmware
Qcs605 Firmware
Qm215 Firmware
Rennell Firmware
Saipan Firmware
Sdm429 Firmware
Sdm439 Firmware
Sdm450 Firmware
Sdm632 Firmware
Sm6150 Firmware
Sm7150 Firmware
Sm8150 Firmware
Sm8250 Firmware
Sxr2130 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8096au Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8096au
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Apq8098 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Apq8098
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Bitra Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Bitra
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Kamorta Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Kamorta
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8917 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8917
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8953 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8953
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Msm8998 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Msm8998
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcm2150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcm2150
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs405 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs405
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qcs605 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qcs605
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qm215 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Qm215
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rennell Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Rennell
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Saipan Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Saipan
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm429 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm429
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm439 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm439
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm450 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm450
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdm632 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sdm632
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm6150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm6150
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm7150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm7150
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8150 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8150
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sm8250 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sm8250
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sxr2130 Firmware
All versions
Running on/withPlatform Versions
Qualcomm
Sxr2130
All versions

Related CWEs

CWE-416
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (3)

Source: product-security@qualcomm.com
Broken Link
Source: nvd@nist.gov
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.