Vulnerability CVE-2020-11137


Published: 2021-01-21

Description:
Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in possible device instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Type:

CWE-190

(Integer Overflow or Wraparound)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Qualcomm -> Ar6003 
Qualcomm -> Qfs2580 
Qualcomm -> Mdm9310 
Qualcomm -> Qpa4340 
Qualcomm -> Msm8208 
Qualcomm -> Qpa8842 
Qualcomm -> Msm8956 
Qualcomm -> Qpm5875 
Qualcomm -> Pm6250 
Qualcomm -> Qtc800s 
Qualcomm -> Pm8004 
Qualcomm -> Sc8180x\+sdx55 
Qualcomm -> Pm8350bh 
Qualcomm -> Sd710 
Qualcomm -> Pm8953 
Qualcomm -> SD8C 
Qualcomm -> Pmk7350 
Qualcomm -> Sdr845 
Qualcomm -> Pmx55 
Qualcomm -> Smb1355 
Qualcomm -> Qca4020 
Qualcomm -> Smr546 
Qualcomm -> Qca6564au 
Qualcomm -> Wcn3615 
Qualcomm -> Qcm6125 
Qualcomm -> Wcn6750 
Qualcomm -> Qdm3302 
Qualcomm -> Wtr2100 
Qualcomm -> Qet5100m 
Qualcomm -> Qfe3320 
Qualcomm -> Qfe3335 
Qualcomm -> Ar8031 
Qualcomm -> Qfs2608 
Qualcomm -> Mdm9330 
Qualcomm -> Qpa4360 
Qualcomm -> Msm8209 
Qualcomm -> Qpm2630 
Qualcomm -> Msm8960 
Qualcomm -> Qpm6582 
Qualcomm -> Pm6350 
Qualcomm -> Qtc800t 
Qualcomm -> Pm8005 
Qualcomm -> Sd205 
Qualcomm -> Pm8350bhs 
Qualcomm -> Sd712 
Qualcomm -> Pm8996 
Qualcomm -> Sd8cx 
Qualcomm -> Pmk8001 
Qualcomm -> Sdr865 
Qualcomm -> Qat3514 
Qualcomm -> Smb1357 
Qualcomm -> Qca6174 
Qualcomm -> Wcd9306 
Qualcomm -> Qca6574 
Qualcomm -> Wcn3620 
Qualcomm -> Qcs2290 
Qualcomm -> Wcn6850 
Qualcomm -> Qdm4643 
Qualcomm -> Wtr2605 
Qualcomm -> Qet6100 
Qualcomm -> Apq8009 
Qualcomm -> Qfe3340 
Qualcomm -> Ar8035 
Qualcomm -> Qfs2630 
Qualcomm -> Mdm9607 
Qualcomm -> Qpa4361 
Qualcomm -> Msm8226 
Qualcomm -> Qpm4621 
Qualcomm -> Msm8960sg 
Qualcomm -> Qpm6585 
Qualcomm -> Pm640a 
Qualcomm -> Qtc801s 
Qualcomm -> Pm8008 
Qualcomm -> Sd210 
Qualcomm -> Pm8350c 
Qualcomm -> Sd720g 
Qualcomm -> Pm8998 
Qualcomm -> Sda429w 
Qualcomm -> Pmk8002 
Qualcomm -> Sdw3100 
Qualcomm -> Qat3516 
Qualcomm -> Smb1358 
Qualcomm -> Qca6174a 
Qualcomm -> Wcd9310 
Qualcomm -> Qca6574a 
Qualcomm -> Wcn3660 
Qualcomm -> Qcs405 
Qualcomm -> Wcn6851 
Qualcomm -> Qdm4650 
Qualcomm -> Wtr2655 
Qualcomm -> Qet6110 
Qualcomm -> Apq8009w 
Qualcomm -> Qfe3345 
Qualcomm -> Ar8151 
Qualcomm -> Qln1020 
Qualcomm -> Mdm9615 
Qualcomm -> Qpa5373 
Qualcomm -> Msm8227 
Qualcomm -> Qpm4630 
Qualcomm -> Msm8962 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top