Vulnerability CVE-2020-11136
Published: 2021-01-21

Description:
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Type:

CWE-125

 (Out-of-bounds Read)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Qualcomm -> Qfe4302 
Qualcomm -> Mdm9225m 
Qualcomm -> Qln1031 
Qualcomm -> Mdm9655 
Qualcomm -> Qpa5580 
Qualcomm -> Msm8930 
Qualcomm -> Qpm4650 
Qualcomm -> Pm456 
Qualcomm -> Qpm8830 
Qualcomm -> Pm7150a 
Qualcomm -> Rgr7640au 
Qualcomm -> Pm8150l 
Qualcomm -> Sd429 
Qualcomm -> Pm8917 
Qualcomm -> Sd765 
Qualcomm -> Pmi632 
Qualcomm -> Sda429w 
Qualcomm -> Pmm8996au 
Qualcomm -> Sdw3100 
Qualcomm -> Qat5516 
Qualcomm -> Smb1358 
Qualcomm -> Qca6391 
Qualcomm -> Wcd9310 
Qualcomm -> Qca6595au 
Qualcomm -> Wcn3620 
Qualcomm -> Qcs605 
Qualcomm -> Wcn6850 
Qualcomm -> Qdm5650 
Qualcomm -> Wtr2605 
Qualcomm -> Qfe1100 
Qualcomm -> Aqt1000 
Qualcomm -> Qfe4303 
Qualcomm -> Mdm9230 
Qualcomm -> Qln1035bd 
Qualcomm -> Mpq8064 
Qualcomm -> Qpa5581 
Qualcomm -> Msm8937 
Qualcomm -> Qpm5620 
Qualcomm -> Pm6125 
Qualcomm -> Qpm8870 
Qualcomm -> Pm7150l 
Qualcomm -> Rsw8577 
Qualcomm -> Pm8226 
Qualcomm -> Sd439 
Qualcomm -> Pm8921 
Qualcomm -> Sd765g 
Qualcomm -> Pmi8937 
Qualcomm -> Sdm429w 
Qualcomm -> Pmr525 
Qualcomm -> Sdx50m 
Qualcomm -> Qat5522 
Qualcomm -> Smb1360 
Qualcomm -> Qca6420 
Qualcomm -> Wcd9320 
Qualcomm -> Qca6694 
Qualcomm -> Wcn3660 
Qualcomm -> Qcs610 
Qualcomm -> Wcn6851 
Qualcomm -> Qdm5652 
Qualcomm -> Apq8009 
Qualcomm -> Wtr2655 
Qualcomm -> Qfe2080fc 
Qualcomm -> Ar6003 
Qualcomm -> Qfe4305 
Qualcomm -> Mdm9235m 
Qualcomm -> Qln1036aq 
Qualcomm -> Msm8108 
Qualcomm -> Qpa6560 
Qualcomm -> Msm8940 
Qualcomm -> Qpm5621 
Qualcomm -> Pm6150 
Qualcomm -> Qpm8895 
Qualcomm -> Pm7250 
Qualcomm -> Rtr8600 
Qualcomm -> Pm8250 
Qualcomm -> Sd450 
Qualcomm -> Pm8922 
Qualcomm -> Sd768g 
Qualcomm -> Pmi8940 
Qualcomm -> Sdm630 
Qualcomm -> Pmr735a 
Qualcomm -> Sdx55 
Qualcomm -> Qat5533 
Qualcomm -> Smb1380 
Qualcomm -> Qca6421 
Qualcomm -> Wcd9326 
Qualcomm -> Qca6694au 
Qualcomm -> Wcn3660a 
Qualcomm -> Qcs6125 
Qualcomm -> Wcn6856 
Qualcomm -> Qdm5670 
Qualcomm -> Apq8009w 
Qualcomm -> Wtr2955 
Qualcomm -> Qfe2081fc 
Qualcomm -> Ar8031 
Qualcomm -> Qfe4308 
Qualcomm -> Mdm9310 
Qualcomm -> Qln4640 
Qualcomm -> Msm8208 
Qualcomm -> Qpa8673 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin
Copyright 2024, cxsecurity.com

 

Back to Top