← Back

CVE-2020-11148

nvd nist
Published: Jan 21, 2021Modified: Nov 21, 2024

JSON object

Loading...
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD

Description

Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Affected (246)

Products: Qualcomm: Apq8017, Apq8053, Msm8917, Msm8953, Pm215, Pm3003a, Pm439, Pm6125, Pm6150, Pm6150a, Pm6150l, Pm6350, Pm640a, Pm640l, Pm640p, Pm660, Pm660l, Pm670, Pm670l, Pm7150a, Pm7150l, Pm7250, Pm7250b, Pm7350c, Pm8008, Pm8009, Pm8150a, Pm8150b, Pm8150c, Pm8150l, Pm8250, Pm8350, Pm8350b, Pm8350bh, Pm8350bhs, Pm8350c, Pm855, Pm855b, Pm855l, Pm8916, Pm8937, Pm8953, Pmi632, Pmi8937, Pmi8952, Pmk7350, Pmk8002, Pmk8003, Pmk8350, Pmm8195au, Pmm855au, Pmr525, Pmr735a, Pmr735b, Pmx55, Qat3514, Qat3516, Qat3518, Qat3519, Qat3522, Qat3550, Qat3555, Qat5515, Qat5516, Qat5522, Qat5533, Qat5568, Qbt1500, Qbt2000, Qca6390, Qca6391, Qca6421, Qca6426, Qca6431, Qca6436, Qca6574a, Qca6574au, Qca6595, Qca6595au, Qca6696, Qcs605, Qdm2301, Qdm2302, Qdm2305, Qdm2307, Qdm2308, Qdm2310, Qdm3301, Qdm3302, Qdm4643, Qdm4650, Qdm5579, Qdm5620, Qdm5621, Qdm5650, Qdm5652, Qdm5670, Qdm5671, Qdm5677, Qdm5679, Qet4101, Qet5100, Qet5100m, Qet6100, Qet6110, Qfe2101, Qfe2520, Qfe2550, Qfe3340, Qfe4301, Qfe4302, Qfe4303, Qfe4305, Qfe4308, Qfe4309, Qfe4320, Qfe4373fc, Qfs2530, Qfs2580, Qfs2608, Qfs2630, Qln4642, Qln4650, Qln5020, Qln5030, Qln5040, Qpa2625, Qpa4360, Qpa4361, Qpa5373, Qpa5461, Qpa5580, Qpa5581, Qpa6560, Qpa8673, Qpa8686, Qpa8801, Qpa8802, Qpa8803, Qpa8821, Qpa8842, Qpm4621, Qpm4630, Qpm4640, Qpm4641, Qpm4650, Qpm5621, Qpm5641, Qpm5658, Qpm5670, Qpm5677, Qpm5679, Qpm5870, Qpm5875, Qpm6582, Qpm6585, Qpm6621, Qpm6670, Qpm8820, Qpm8830, Qpm8870, Qpm8895, Qsm7250, Qsw6310, Qsw8573, Qsw8574, Qtc410s, Qtc800h, Qtc801s, Qtm525, Qualcomm215, Sa6155p, Sa8150p, Sa8155, Sa8195p, Sd429, Sd439, Sd632, Sd665, Sd675, Sd6905g, Sd750g, Sd765, Sd765g, Sd768g, Sd855, Sd8655g, Sd8885g, Sda429w, Sdm429w, Sdr660, Sdr660g, Sdr735, Sdr735g, Sdr8250, Sdr865, Sdx55, Sdx55m, Sdxr1, Sdxr25g, Sm7250p, Sm7350, Smb1351, Smb1355, Smb1358, Smb1360, Smb1381, Smb1390, Smb1394, Smb1395, Smb1396, Smb1398, Smr525, Smr526, Smr545, Smr546, Wcd9326, Wcd9341, Wcd9370, Wcd9375, Wcd9380, Wcd9385, Wcn3610, Wcn3615, Wcn3620, Wcn3660b, Wcn3680, Wcn3680b, Wcn3950, Wcn3980, Wcn3988, Wcn3990, Wcn3991, Wcn3998, Wcn6740, Wcn6850, Wcn6851, Wcn6856, Wgr7640, Wsa8810, Wsa8815, Wsa8830, Wsa8835, Wtr2955, Wtr2965, Wtr3925
Qualcomm
246 products
Apq8017
Apq8053
Msm8917
Msm8953
Pm215
Pm3003a
Pm439
Pm6125
Pm6150
Pm6150a
Pm6150l
Pm6350
Pm640a
Pm640l
Pm640p
Pm660
Pm660l
Pm670
Pm670l
Pm7150a
Pm7150l
Pm7250
Pm7250b
Pm7350c
Pm8008
Pm8009
Pm8150a
Pm8150b
Pm8150c
Pm8150l
Pm8250
Pm8350
Pm8350b
Pm8350bh
Pm8350bhs
Pm8350c
Pm855
Pm855b
Pm855l
Pm8916
Pm8937
Pm8953
Pmi632
Pmi8937
Pmi8952
Pmk7350
Pmk8002
Pmk8003
Pmk8350
Pmm8195au
Pmm855au
Pmr525
Pmr735a
Pmr735b
Pmx55
Qat3514
Qat3516
Qat3518
Qat3519
Qat3522
Qat3550
Qat3555
Qat5515
Qat5516
Qat5522
Qat5533
Qat5568
Qbt1500
Qbt2000
Qca6390
Qca6391
Qca6421
Qca6426
Qca6431
Qca6436
Qca6574a
Qca6574au
Qca6595
Qca6595au
Qca6696
Qcs605
Qdm2301
Qdm2302
Qdm2305
Qdm2307
Qdm2308
Qdm2310
Qdm3301
Qdm3302
Qdm4643
Qdm4650
Qdm5579
Qdm5620
Qdm5621
Qdm5650
Qdm5652
Qdm5670
Qdm5671
Qdm5677
Qdm5679
Qet4101
Qet5100
Qet5100m
Qet6100
Qet6110
Qfe2101
Qfe2520
Qfe2550
Qfe3340
Qfe4301
Qfe4302
Qfe4303
Qfe4305
Qfe4308
Qfe4309
Qfe4320
Qfe4373fc
Qfs2530
Qfs2580
Qfs2608
Qfs2630
Qln4642
Qln4650
Qln5020
Qln5030
Qln5040
Qpa2625
Qpa4360
Qpa4361
Qpa5373
Qpa5461
Qpa5580
Qpa5581
Qpa6560
Qpa8673
Qpa8686
Qpa8801
Qpa8802
Qpa8803
Qpa8821
Qpa8842
Qpm4621
Qpm4630
Qpm4640
Qpm4641
Qpm4650
Qpm5621
Qpm5641
Qpm5658
Qpm5670
Qpm5677
Qpm5679
Qpm5870
Qpm5875
Qpm6582
Qpm6585
Qpm6621
Qpm6670
Qpm8820
Qpm8830
Qpm8870
Qpm8895
Qsm7250
Qsw6310
Qsw8573
Qsw8574
Qtc410s
Qtc800h
Qtc801s
Qtm525
Qualcomm215
Sa6155p
Sa8150p
Sa8155
Sa8195p
Sd429
Sd439
Sd632
Sd665
Sd675
Sd6905g
Sd750g
Sd765
Sd765g
Sd768g
Sd855
Sd8655g
Sd8885g
Sda429w
Sdm429w
Sdr660
Sdr660g
Sdr735
Sdr735g
Sdr8250
Sdr865
Sdx55
Sdx55m
Sdxr1
Sdxr25g
Sm7250p
Sm7350
Smb1351
Smb1355
Smb1358
Smb1360
Smb1381
Smb1390
Smb1394
Smb1395
Smb1396
Smb1398
Smr525
Smr526
Smr545
Smr546
Wcd9326
Wcd9341
Wcd9370
Wcd9375
Wcd9380
Wcd9385
Wcn3610
Wcn3615
Wcn3620
Wcn3660b
Wcn3680
Wcn3680b
Wcn3950
Wcn3980
Wcn3988
Wcn3990
Wcn3991
Wcn3998
Wcn6740
Wcn6850
Wcn6851
Wcn6856
Wgr7640
Wsa8810
Wsa8815
Wsa8830
Wsa8835
Wtr2955
Wtr2965
Wtr3925
Configuration A
246 vulnerable
Vulnerable SoftwareAffected Versions
Apq8017
All versions
Apq8053
All versions
Msm8917
All versions
Msm8953
All versions
Pm215
All versions
Pm3003a
All versions
Pm439
All versions
Pm6125
All versions
Pm6150
All versions
Pm6150a
All versions
Pm6150l
All versions
Pm6350
All versions
Pm640a
All versions
Pm640l
All versions
Pm640p
All versions
Pm660
All versions
Pm660l
All versions
Pm670
All versions
Pm670l
All versions
Pm7150a
All versions
Pm7150l
All versions
Pm7250
All versions
Pm7250b
All versions
Pm7350c
All versions
Pm8008
All versions
Pm8009
All versions
Pm8150a
All versions
Pm8150b
All versions
Pm8150c
All versions
Pm8150l
All versions
Pm8250
All versions
Pm8350
All versions
Pm8350b
All versions
Pm8350bh
All versions
Pm8350bhs
All versions
Pm8350c
All versions
Pm855
All versions
Pm855b
All versions
Pm855l
All versions
Pm8916
All versions
Pm8937
All versions
Pm8953
All versions
Pmi632
All versions
Pmi8937
All versions
Pmi8952
All versions
Pmk7350
All versions
Pmk8002
All versions
Pmk8003
All versions
Pmk8350
All versions
Pmm8195au
All versions
Pmm855au
All versions
Pmr525
All versions
Pmr735a
All versions
Pmr735b
All versions
Pmx55
All versions
Qat3514
All versions
Qat3516
All versions
Qat3518
All versions
Qat3519
All versions
Qat3522
All versions
Qat3550
All versions
Qat3555
All versions
Qat5515
All versions
Qat5516
All versions
Qat5522
All versions
Qat5533
All versions
Qat5568
All versions
Qbt1500
All versions
Qbt2000
All versions
Qca6390
All versions
Qca6391
All versions
Qca6421
All versions
Qca6426
All versions
Qca6431
All versions
Qca6436
All versions
Qca6574a
All versions
Qca6574au
All versions
Qca6595
All versions
Qca6595au
All versions
Qca6696
All versions
Qcs605
All versions
Qdm2301
All versions
Qdm2302
All versions
Qdm2305
All versions
Qdm2307
All versions
Qdm2308
All versions
Qdm2310
All versions
Qdm3301
All versions
Qdm3302
All versions
Qdm4643
All versions
Qdm4650
All versions
Qdm5579
All versions
Qdm5620
All versions
Qdm5621
All versions
Qdm5650
All versions
Qdm5652
All versions
Qdm5670
All versions
Qdm5671
All versions
Qdm5677
All versions
Qdm5679
All versions
Qet4101
All versions
Qet5100
All versions
Qet5100m
All versions
Qet6100
All versions
Qet6110
All versions
Qfe2101
All versions
Qfe2520
All versions
Qfe2550
All versions
Qfe3340
All versions
Qfe4301
All versions
Qfe4302
All versions
Qfe4303
All versions
Qfe4305
All versions
Qfe4308
All versions
Qfe4309
All versions
Qfe4320
All versions
Qfe4373fc
All versions
Qfs2530
All versions
Qfs2580
All versions
Qfs2608
All versions
Qfs2630
All versions
Qln4642
All versions
Qln4650
All versions
Qln5020
All versions
Qln5030
All versions
Qln5040
All versions
Qpa2625
All versions
Qpa4360
All versions
Qpa4361
All versions
Qpa5373
All versions
Qpa5461
All versions
Qpa5580
All versions
Qpa5581
All versions
Qpa6560
All versions
Qpa8673
All versions
Qpa8686
All versions
Qpa8801
All versions
Qpa8802
All versions
Qpa8803
All versions
Qpa8821
All versions
Qpa8842
All versions
Qpm4621
All versions
Qpm4630
All versions
Qpm4640
All versions
Qpm4641
All versions
Qpm4650
All versions
Qpm5621
All versions
Qpm5641
All versions
Qpm5658
All versions
Qpm5670
All versions
Qpm5677
All versions
Qpm5679
All versions
Qpm5870
All versions
Qpm5875
All versions
Qpm6582
All versions
Qpm6585
All versions
Qpm6621
All versions
Qpm6670
All versions
Qpm8820
All versions
Qpm8830
All versions
Qpm8870
All versions
Qpm8895
All versions
Qsm7250
All versions
Qsw6310
All versions
Qsw8573
All versions
Qsw8574
All versions
Qtc410s
All versions
Qtc800h
All versions
Qtc801s
All versions
Qtm525
All versions
Qualcomm215
All versions
Sa6155p
All versions
Sa8150p
All versions
Sa8155
All versions
Sa8195p
All versions
Sd429
All versions
Sd439
All versions
Sd632
All versions
Sd665
All versions
Sd675
All versions
Sd6905g
All versions
Sd750g
All versions
Sd765
All versions
Sd765g
All versions
Sd768g
All versions
Sd855
All versions
Sd8655g
All versions
Sd8885g
All versions
Sda429w
All versions
Sdm429w
All versions
Sdr660
All versions
Sdr660g
All versions
Sdr735
All versions
Sdr735g
All versions
Sdr8250
All versions
Sdr865
All versions
Sdx55
All versions
Sdx55m
All versions
Sdxr1
All versions
Sdxr25g
All versions
Sm7250p
All versions
Sm7350
All versions
Smb1351
All versions
Smb1355
All versions
Smb1358
All versions
Smb1360
All versions
Smb1381
All versions
Smb1390
All versions
Smb1394
All versions
Smb1395
All versions
Smb1396
All versions
Smb1398
All versions
Smr525
All versions
Smr526
All versions
Smr545
All versions
Smr546
All versions
Wcd9326
All versions
Wcd9341
All versions
Wcd9370
All versions
Wcd9375
All versions
Wcd9380
All versions
Wcd9385
All versions
Wcn3610
All versions
Wcn3615
All versions
Wcn3620
All versions
Wcn3660b
All versions
Wcn3680
All versions
Wcn3680b
All versions
Wcn3950
All versions
Wcn3980
All versions
Wcn3988
All versions
Wcn3990
All versions
Wcn3991
All versions
Wcn3998
All versions
Wcn6740
All versions
Wcn6850
All versions
Wcn6851
All versions
Wcn6856
All versions
Wgr7640
All versions
Wsa8810
All versions
Wsa8815
All versions
Wsa8830
All versions
Wsa8835
All versions
Wtr2955
All versions
Wtr2965
All versions
Wtr3925
All versions

Related CWEs

CWE-416
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (3)

Source: product-security@qualcomm.com
Broken Link
Source: nvd@nist.gov
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.