Vulnerability CVE-2020-11146


Published: 2021-01-21

Description:
Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Type:

CWE-129

(Improper Validation of Array Index)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Qualcomm -> Qpa4361 
Qualcomm -> Qpm4640 
Qualcomm -> Qpm6582 
Qualcomm -> Qtm525 
Qualcomm -> Sd670 
Qualcomm -> Sda429w 
Qualcomm -> Sm6250 
Qualcomm -> Pm6250 
Qualcomm -> Smr526 
Qualcomm -> Pm8008 
Qualcomm -> Wcn3660b 
Qualcomm -> Pm855p 
Qualcomm -> Wgr7640 
Qualcomm -> Pmk8350 
Qualcomm -> Qat3555 
Qualcomm -> Qca6421 
Qualcomm -> Qca9379 
Qualcomm -> Qdm5620 
Qualcomm -> Qfs2580 
Qualcomm -> Qpa5461 
Qualcomm -> Qpm4641 
Qualcomm -> Qpm6585 
Qualcomm -> Qtm527 
Qualcomm -> Sd675 
Qualcomm -> Sdm429w 
Qualcomm -> Apq8076 
Qualcomm -> Sm6250p 
Qualcomm -> Pm6350 
Qualcomm -> Smr545 
Qualcomm -> Pm8009 
Qualcomm -> Wcn3680 
Qualcomm -> Pm8909 
Qualcomm -> Wsa8810 
Qualcomm -> Pmm6155au 
Qualcomm -> Qat5515 
Qualcomm -> Qca6426 
Qualcomm -> Qcm4290 
Qualcomm -> Qdm5621 
Qualcomm -> Qfs2608 
Qualcomm -> Qpa5580 
Qualcomm -> Qpm4650 
Qualcomm -> Qpm6621 
Qualcomm -> Qualcomm215 
Qualcomm -> Sd6905g 
Qualcomm -> Sdr425 
Qualcomm -> Aqt1000 
Qualcomm -> Sm7250p 
Qualcomm -> Pm640a 
Qualcomm -> Smr546 
Qualcomm -> Pm8150 
Qualcomm -> Wcn3680b 
Qualcomm -> Pm8916 
Qualcomm -> Wsa8815 
Qualcomm -> Pmm8155au 
Qualcomm -> Qat5516 
Qualcomm -> Qca6430 
Qualcomm -> Qcs405 
Qualcomm -> Qdm5650 
Qualcomm -> Qfs2630 
Qualcomm -> Qpa5581 
Qualcomm -> Qpm5541 
Qualcomm -> Qpm6670 
Qualcomm -> Sa6145p 
Qualcomm -> Sd710 
Qualcomm -> Sdr660 
Qualcomm -> Ar8031 
Qualcomm -> Sm7350 
Qualcomm -> Pm640l 
Qualcomm -> Wcd9306 
Qualcomm -> Pm8150a 
Qualcomm -> Wcn3910 
Qualcomm -> Pm8937 
Qualcomm -> Wsa8830 
Qualcomm -> Pmm8195au 
Qualcomm -> Qat5522 
Qualcomm -> Qca6431 
Qualcomm -> Qcs4290 
Qualcomm -> Qdm5652 
Qualcomm -> Qln1020 
Qualcomm -> Qpa6560 
Qualcomm -> Qpm5577 
Qualcomm -> Qpm8820 
Qualcomm -> Sa6155 
Qualcomm -> Sd720g 
Qualcomm -> Sdr660g 
Qualcomm -> Ar8035 
Qualcomm -> Smb1351 
Qualcomm -> Pm640p 
Qualcomm -> Wcd9326 
Qualcomm -> Pm8150b 
Qualcomm -> Wcn3950 
Qualcomm -> Pm8952 
Qualcomm -> Wsa8835 
Qualcomm -> Pmm855au 
Qualcomm -> Qat5533 
Qualcomm -> Qca6436 
Qualcomm -> Qcs605 
Qualcomm -> Qdm5670 
Qualcomm -> Qln1021aq 
Qualcomm -> Qpa8673 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top