Podatność CVE-2020-11183

Podatność CVE-2020-11183

Publikacja: 2021-01-21

Opis:

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Typ:

CWE-120

(Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
7.2/10	10/10	3.9/10

Wymagany dostęp	Złożoność ataku	Autoryzacja
Lokalny	Niska	Nie wymagana
Wpływ na poufność	Wpływ na integralność	Wpływ na dostępność
Pełny	Pełny	Pełny

Affected software
Qualcomm -> Msm8940
Qualcomm -> Pm8996
Qualcomm -> Qat3522
Qualcomm -> Qcc1110
Qualcomm -> Qfe4308
Qualcomm -> Qtc800h
Qualcomm -> Sdm630
Qualcomm -> Smb1380
Qualcomm -> Wsa8815
Qualcomm -> Apq8009
Qualcomm -> Msm8953
Qualcomm -> Pm8998
Qualcomm -> Qat3550
Qualcomm -> Qet4100
Qualcomm -> Qfe4309
Qualcomm -> Qtc800s
Qualcomm -> Sdm830
Qualcomm -> Smb231
Qualcomm -> Wtr2955
Qualcomm -> Apq8009w
Qualcomm -> Msm8996au
Qualcomm -> Pmd9607
Qualcomm -> Qbt1000
Qualcomm -> Qet4101
Qualcomm -> Qfe4320
Qualcomm -> Qtc800t
Qualcomm -> Sdr051
Qualcomm -> Wcd9326
Qualcomm -> Wtr2965
Qualcomm -> Apq8017
Qualcomm -> Pm215
Qualcomm -> Pmd9655
Qualcomm -> Qbt1500
Qualcomm -> Qet4200aq
Qualcomm -> Qfe4373fc
Qualcomm -> Qtc801s
Qualcomm -> Sdr052
Qualcomm -> Wcd9330
Qualcomm -> Wtr3905
Qualcomm -> Apq8037
Qualcomm -> Pm439
Qualcomm -> Pmi632
Qualcomm -> Qca6174a
Qualcomm -> Qet5100
Qualcomm -> Qfe4455fc
Qualcomm -> Qualcomm215
Qualcomm -> Sdr660
Qualcomm -> Wcd9335
Qualcomm -> Wtr3925
Qualcomm -> Apq8053
Qualcomm -> Pm660
Qualcomm -> Pmi8937
Qualcomm -> Qca6310
Qualcomm -> Qfe2080fc
Qualcomm -> Qfe4465fc
Qualcomm -> Rgr7640au
Qualcomm -> Sdw2500
Qualcomm -> Wcd9340
Qualcomm -> Wtr3950
Qualcomm -> Apq8096au
Qualcomm -> Pm660a
Qualcomm -> Pmi8940
Qualcomm -> Qca6320
Qualcomm -> Qfe2081fc
Qualcomm -> Qln1021aq
Qualcomm -> Rsw8577
Qualcomm -> Sdw3100
Qualcomm -> Wcd9341
Qualcomm -> Wtr4905
Qualcomm -> Ar8151
Qualcomm -> Pm660l
Qualcomm -> Pmi8952
Qualcomm -> Qca6564a
Qualcomm -> Qfe2082fc
Qualcomm -> Qln1030
Qualcomm -> Sd439
Qualcomm -> Sdx20
Qualcomm -> Wcn3615
Qualcomm -> Wtr5975
Qualcomm -> Mdm9206
Qualcomm -> Pm8004
Qualcomm -> Pmi8994
Qualcomm -> Qca6564au
Qualcomm -> Qfe2101
Qualcomm -> Qln1031
Qualcomm -> Sd450
Qualcomm -> Sdx20m
Qualcomm -> Wcn3620
Qualcomm -> Mdm9250
Qualcomm -> Pm8005
Qualcomm -> Pmi8996
Qualcomm -> Qca6574a
Qualcomm -> Qfe2550
Qualcomm -> Qln1035bd
Qualcomm -> Sd636
Qualcomm -> Sdx50m
Qualcomm -> Wcn3660b
Qualcomm -> Mdm9650
Qualcomm -> Pm855a
Qualcomm -> Pmi8998

Referencje:

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Podatność CVE-2020-11183

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE-120

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

7.2/10

10/10

3.9/10

Lokalny

Niska

Nie wymagana

Pełny

Pełny

Pełny

Affected software

Referencje: