Vulnerability CVE-2020-11148


Published: 2021-01-21

Description:
Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Type:

CWE-416

(Use After Free)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Qualcomm -> Wcn3615 
Qualcomm -> Wsa8810 
Qualcomm -> Pm660 
Qualcomm -> Pm8350 
Qualcomm -> Pmk8003 
Qualcomm -> Qat5516 
Qualcomm -> Qca6696 
Qualcomm -> Qdm5652 
Qualcomm -> Qfe4303 
Qualcomm -> Qpa4360 
Qualcomm -> Qpm4640 
Qualcomm -> Qpm8830 
Qualcomm -> Sd429 
Qualcomm -> Sdr660g 
Qualcomm -> Smb1390 
Qualcomm -> Wcn3620 
Qualcomm -> Wsa8815 
Qualcomm -> Apq8017 
Qualcomm -> Pm660l 
Qualcomm -> Pm8350b 
Qualcomm -> Pmk8350 
Qualcomm -> Qat5522 
Qualcomm -> Qcs605 
Qualcomm -> Qdm5670 
Qualcomm -> Qfe4305 
Qualcomm -> Qpa4361 
Qualcomm -> Qpm4641 
Qualcomm -> Qpm8870 
Qualcomm -> Sd439 
Qualcomm -> Sdr735 
Qualcomm -> Smb1394 
Qualcomm -> Wcn3660b 
Qualcomm -> Wsa8830 
Qualcomm -> Apq8053 
Qualcomm -> Pm670 
Qualcomm -> Pm8350bh 
Qualcomm -> Pmm8195au 
Qualcomm -> Qat5533 
Qualcomm -> Qdm2301 
Qualcomm -> Qdm5671 
Qualcomm -> Qfe4308 
Qualcomm -> Qpa5373 
Qualcomm -> Qpm4650 
Qualcomm -> Qpm8895 
Qualcomm -> Sd632 
Qualcomm -> Sdr735g 
Qualcomm -> Smb1395 
Qualcomm -> Wcn3680 
Qualcomm -> Wsa8835 
Qualcomm -> Msm8917 
Qualcomm -> Pm670l 
Qualcomm -> Pm8350bhs 
Qualcomm -> Pmm855au 
Qualcomm -> Qat5568 
Qualcomm -> Qdm2302 
Qualcomm -> Qdm5677 
Qualcomm -> Qfe4309 
Qualcomm -> Qpa5461 
Qualcomm -> Qpm5621 
Qualcomm -> Qsm7250 
Qualcomm -> Sd665 
Qualcomm -> Sdr8250 
Qualcomm -> Smb1396 
Qualcomm -> Smb1398 
Qualcomm -> Wcn3680b 
Qualcomm -> Wtr2955 
Qualcomm -> Msm8953 
Qualcomm -> Pm7150a 
Qualcomm -> Pm8350c 
Qualcomm -> Pmr525 
Qualcomm -> Qbt1500 
Qualcomm -> Qdm2305 
Qualcomm -> Qdm5679 
Qualcomm -> Qfe4320 
Qualcomm -> Qpa5580 
Qualcomm -> Qpm5641 
Qualcomm -> Qsw6310 
Qualcomm -> Sd675 
Qualcomm -> Sdr865 
Qualcomm -> Smr525 
Qualcomm -> Wcn3950 
Qualcomm -> Wtr2965 
Qualcomm -> Pm215 
Qualcomm -> Pm7150l 
Qualcomm -> Pm855 
Qualcomm -> Pmr735a 
Qualcomm -> Qbt2000 
Qualcomm -> Qdm2307 
Qualcomm -> Qet4101 
Qualcomm -> Qfe4373fc 
Qualcomm -> Qpa5581 
Qualcomm -> Qpm5658 
Qualcomm -> Qsw8573 
Qualcomm -> Sd6905g 
Qualcomm -> Sdx55 
Qualcomm -> Smr526 
Qualcomm -> Wcn3980 
Qualcomm -> Wtr3925 
Qualcomm -> Pm3003a 
Qualcomm -> Pm7250 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top