Vulnerability CVE-2020-11144


Published: 2021-01-21

Description:
Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Type:

CWE-125

(Out-of-bounds Read)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
Partial
Affected software
Qualcomm -> Qtm527 
Qualcomm -> Msm8953 
Qualcomm -> Sd632 
Qualcomm -> Pm640p 
Qualcomm -> Sd835 
Qualcomm -> Pm8150 
Qualcomm -> Sdr675 
Qualcomm -> Pm8953 
Qualcomm -> Sm6250p 
Qualcomm -> Pmi8996 
Qualcomm -> Smb358s 
Qualcomm -> Qat3519 
Qualcomm -> Wcn3615 
Qualcomm -> Qca6320 
Qualcomm -> Whs9410 
Qualcomm -> Qca6584au 
Qualcomm -> Qcs410 
Qualcomm -> Qdm5652 
Qualcomm -> Qfe2081fc 
Qualcomm -> Qfe4308 
Qualcomm -> Qln4650 
Qualcomm -> Qpa8802 
Qualcomm -> Mdm8215 
Qualcomm -> Qpm6582 
Qualcomm -> Mdm9628 
Qualcomm -> Qualcomm215 
Qualcomm -> Msm8976 
Qualcomm -> Sd636 
Qualcomm -> Pm660 
Qualcomm -> Sd845 
Qualcomm -> Pm8150a 
Qualcomm -> Sdr8150 
Qualcomm -> Pm8956 
Qualcomm -> Sm7250p 
Qualcomm -> Pmi8998 
Qualcomm -> Smr525 
Qualcomm -> Qat3522 
Qualcomm -> Wcn3620 
Qualcomm -> Qca6335 
Qualcomm -> Wsa8810 
Qualcomm -> Qca6595 
Qualcomm -> Qcs4290 
Qualcomm -> Qdm5670 
Qualcomm -> Qfe2082fc 
Qualcomm -> Qfe4309 
Qualcomm -> Qln5020 
Qualcomm -> Apq8009 
Qualcomm -> Qpa8803 
Qualcomm -> Mdm8215m 
Qualcomm -> Qpm6585 
Qualcomm -> Mdm9630 
Qualcomm -> Rgr7640au 
Qualcomm -> Msm8976sg 
Qualcomm -> Sd660 
Qualcomm -> Pm660a 
Qualcomm -> Sd850 
Qualcomm -> Pm8150b 
Qualcomm -> Sdr8250 
Qualcomm -> Pm8996 
Qualcomm -> Smb1350 
Qualcomm -> Pmk8001 
Qualcomm -> Smr526 
Qualcomm -> Qat3550 
Qualcomm -> Wcn3660 
Qualcomm -> Qca6390 
Qualcomm -> Wsa8815 
Qualcomm -> Qca6595au 
Qualcomm -> Qcs603 
Qualcomm -> Qdm5671 
Qualcomm -> Qfe2101 
Qualcomm -> Qfe4320 
Qualcomm -> Qln5030 
Qualcomm -> Apq8009w 
Qualcomm -> Qpa8821 
Qualcomm -> Mdm8615m 
Qualcomm -> Qpm8820 
Qualcomm -> Mdm9635m 
Qualcomm -> Rsw8577 
Qualcomm -> Msm8996au 
Qualcomm -> Sd662 
Qualcomm -> Pm660l 
Qualcomm -> Sd855 
Qualcomm -> Pm8150c 
Qualcomm -> Sdr845 
Qualcomm -> Pm8998 
Qualcomm -> Smb1351 
Qualcomm -> Pmk8002 
Qualcomm -> Wcd9306 
Qualcomm -> Qat3555 
Qualcomm -> Wcn3660b 
Qualcomm -> Qca6391 
Qualcomm -> Wtr1605 
Qualcomm -> Qca6694 
Qualcomm -> Qcs605 
Qualcomm -> Qdm5677 
Qualcomm -> Qfe2340 
Qualcomm -> Qfe4373fc 
Qualcomm -> Qln5040 
Qualcomm -> Apq8017 
Qualcomm -> Qpa8842 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top