CVE-2020-11181

Published: Jan 21, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Out of bound access issue while handling cvp process control command due to improper validation of buffer pointer received from HLOS in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Affected (39)

Products: Qualcomm: Pm3003a Firmware, Pm8009 Firmware, Pm8150a Firmware, Pm8150b Firmware, Pm8150c Firmware, Pm8150l Firmware, Pm8250 Firmware, Pmk8002 Firmware, Pmr525 Firmware, Pmx55 Firmware, Qbt2000 Firmware, Qca6390 Firmware, Qca6391 Firmware, Qca6421 Firmware, Qca6426 Firmware, Qca6431 Firmware, Qca6436 Firmware, Qfs2530 Firmware, Qfs2580 Firmware, Qsm8250 Firmware, Qtc800h Firmware, Qtc801s Firmware, Sd865 5g Firmware, Sdr8250 Firmware, Sdr865 Firmware, Sdx55 Firmware, Sdx55m Firmware, Sdxr2 5g Firmware, Smb1355 Firmware, Smb1390 Firmware, Smr525 Firmware, Smr526 Firmware, Wcd9380 Firmware, Wcd9385 Firmware, Wcn6750 Firmware, Wcn6850 Firmware, Wcn6851 Firmware, Wsa8810 Firmware, Wsa8815 Firmware

39 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm3003a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm3003a	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8009 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8009	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8150a Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8150a	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8150b Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8150b	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8150c Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8150c	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8150l Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8150l	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pm8250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pm8250	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pmk8002 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pmk8002	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pmr525 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pmr525	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Pmx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Pmx55	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qbt2000 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qbt2000	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6390 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6390	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6391 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6391	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6421 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6421	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6426 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6426	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6431 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6431	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qca6436 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qca6436	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfs2530 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfs2530	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qfs2580 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qfs2580	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qsm8250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qsm8250	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qtc800h Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qtc800h	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Qtc801s Firmware	All versions

Running on/with	Platform Versions
Qualcomm Qtc801s	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd865 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd865 5g	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdr8250 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdr8250	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdr865 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdr865	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdx55m Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdx55m	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sdxr2 5g Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sdxr2 5g	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smb1355 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smb1355	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smb1390 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smb1390	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smr525 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smr525	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Smr526 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Smr526	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9380 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9380	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcd9385 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcd9385	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6750 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6750	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6850	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wcn6851 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wcn6851	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8810 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8810	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Wsa8815 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Wsa8815	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (3)

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Source: product-security@qualcomm.com

Broken Link

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Source: nvd@nist.gov

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.