Podatność CVE-2020-11216

Podatność CVE-2020-11216

Publikacja: 2021-01-21

Opis:

Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Typ:

CWE-190

(Integer Overflow or Wraparound)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
7.5/10	6.4/10	10/10

Wymagany dostęp	Złożoność ataku	Autoryzacja
Zdalny	Niska	Nie wymagana
Wpływ na poufność	Wpływ na integralność	Wpływ na dostępność
Częściowy	Częściowy	Częściowy

Affected software
Qualcomm -> Qcs610
Qualcomm -> Qdm5670
Qualcomm -> Qfe4302
Qualcomm -> Qln4640
Qualcomm -> Qpa8673
Qualcomm -> Qpm5670
Qualcomm -> Qsw8574
Qualcomm -> Sd205
Qualcomm -> Mdm9650
Qualcomm -> Sd750g
Qualcomm -> Pm6250
Qualcomm -> Sdr052
Qualcomm -> Pm8004
Qualcomm -> Sdx55m
Qualcomm -> Pm855l
Qualcomm -> Smb1381
Qualcomm -> Pmi8996
Qualcomm -> Wcd9370
Qualcomm -> Pmx20
Qualcomm -> Wcn3998
Qualcomm -> Qbt2000
Qualcomm -> Wtr4905
Qualcomm -> Qca6564au
Qualcomm -> Qdm2301
Qualcomm -> Qdm5671
Qualcomm -> Qfe4303
Qualcomm -> Qln4642
Qualcomm -> Qpa8675
Qualcomm -> Qpm5677
Qualcomm -> Qtc410s
Qualcomm -> Apq8009
Qualcomm -> Sd210
Qualcomm -> Msm8909w
Qualcomm -> Sd765
Qualcomm -> Pm6350
Qualcomm -> Sdr425
Qualcomm -> Pm8005
Qualcomm -> Sdxr1
Qualcomm -> Pm855p
Qualcomm -> Smb1390
Qualcomm -> Pmi8998
Qualcomm -> Wcd9371
Qualcomm -> Pmx50
Qualcomm -> Wcn6740
Qualcomm -> Qca4020
Qualcomm -> Wtr5975
Qualcomm -> Qca6574
Qualcomm -> Qdm2302
Qualcomm -> Qdm5677
Qualcomm -> Qfe4305
Qualcomm -> Qln4650
Qualcomm -> Qpa8686
Qualcomm -> Qpm5679
Qualcomm -> Qtc800h
Qualcomm -> Apq8009w
Qualcomm -> Sd429
Qualcomm -> Msm8917
Qualcomm -> Sd765g
Qualcomm -> Pm640a
Qualcomm -> Sdr660
Qualcomm -> Pm8008
Qualcomm -> Sdxr25g
Qualcomm -> Pm8909
Qualcomm -> Smb1394
Qualcomm -> Pmk7350
Qualcomm -> Wcd9375
Qualcomm -> Pmx55
Qualcomm -> Wcn6750
Qualcomm -> Qca6174a
Qualcomm -> Qca6574a
Qualcomm -> Qdm2305
Qualcomm -> Qdm5679
Qualcomm -> Qfe4308
Qualcomm -> Qln5020
Qualcomm -> Qpa8801
Qualcomm -> Qpm5870
Qualcomm -> Qtc800s
Qualcomm -> Apq8017
Qualcomm -> Sd439
Qualcomm -> Msm8920
Qualcomm -> Sd768g
Qualcomm -> Pm640l
Qualcomm -> Sdr660g
Qualcomm -> Pm8009
Qualcomm -> Sm4350
Qualcomm -> Pm8916
Qualcomm -> Smb1395
Qualcomm -> Pmk8001
Qualcomm -> Wcd9380
Qualcomm -> Qat3514
Qualcomm -> Wcn6850
Qualcomm -> Qca6175a
Qualcomm -> Qca6574au
Qualcomm -> Qdm2307
Qualcomm -> Qet4100
Qualcomm -> Qfe4309
Qualcomm -> Qln5030
Qualcomm -> Qpa8802
Qualcomm -> Qpm5875
Qualcomm -> Qtc801s

Referencje:

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Podatność CVE-2020-11216

Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE-190

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

7.5/10

6.4/10

10/10

Zdalny

Niska

Nie wymagana

Częściowy

Częściowy

Częściowy

Affected software

Referencje: