Vulnerability CVE-2020-11150


Published: 2021-01-21

Description:
Out of bound memory access in camera driver due to improper validation on data coming from UMD which is used for offset manipulation of pointer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Qualcomm -> Qpm4641 
Qualcomm -> Qpm6585 
Qualcomm -> Qualcomm215 
Qualcomm -> Sd765 
Qualcomm -> Sdr8250 
Qualcomm -> Smb1396 
Qualcomm -> Wcn3615 
Qualcomm -> Pm660 
Qualcomm -> Wcn6856 
Qualcomm -> Pm8150c 
Qualcomm -> Pme605 
Qualcomm -> Qat3516 
Qualcomm -> Qca6390 
Qualcomm -> Qca6595au 
Qualcomm -> Qdm3301 
Qualcomm -> Qet5100m 
Qualcomm -> Qpa4360 
Qualcomm -> Qpm4650 
Qualcomm -> Qpm6621 
Qualcomm -> Sa6145p 
Qualcomm -> Sd765g 
Qualcomm -> Sdr865 
Qualcomm -> Smb1398 
Qualcomm -> Aqt1000 
Qualcomm -> Wcn3620 
Qualcomm -> Pm660l 
Qualcomm -> Wgr7640 
Qualcomm -> Pm8150l 
Qualcomm -> Pmi632 
Qualcomm -> Qat3518 
Qualcomm -> Qca6391 
Qualcomm -> Qca6696 
Qualcomm -> Qdm3302 
Qualcomm -> Qet6100 
Qualcomm -> Qpa4361 
Qualcomm -> Qpm5541 
Qualcomm -> Qpm6670 
Qualcomm -> Sa6155 
Qualcomm -> Sd768g 
Qualcomm -> Sdx24 
Qualcomm -> Smb2351 
Qualcomm -> Ar8031 
Qualcomm -> Wcn3660b 
Qualcomm -> Pm670 
Qualcomm -> Wsa8810 
Qualcomm -> Pm8250 
Qualcomm -> Pmk7350 
Qualcomm -> Qat3519 
Qualcomm -> Qca6420 
Qualcomm -> Qca8337 
Qualcomm -> Qdm4643 
Qualcomm -> Qet6110 
Qualcomm -> Qpa5461 
Qualcomm -> Qpm5577 
Qualcomm -> Qpm8820 
Qualcomm -> Sa6155p 
Qualcomm -> Sd855 
Qualcomm -> Sdx55 
Qualcomm -> Smr525 
Qualcomm -> Ar8035 
Qualcomm -> Wcn3680 
Qualcomm -> Pm670a 
Qualcomm -> Wsa8815 
Qualcomm -> Pm8350 
Qualcomm -> Pmk8002 
Qualcomm -> Qat3522 
Qualcomm -> Qca6421 
Qualcomm -> Qca9377 
Qualcomm -> Qdm4650 
Qualcomm -> Qfs2530 
Qualcomm -> Qpa5580 
Qualcomm -> Qpm5579 
Qualcomm -> Qpm8830 
Qualcomm -> Sa8150p 
Qualcomm -> Sd8655g 
Qualcomm -> Sdx55m 
Qualcomm -> Smr526 
Qualcomm -> Csra6620 
Qualcomm -> Wcn3680b 
Qualcomm -> Pm670l 
Qualcomm -> Wsa8830 
Qualcomm -> Pm8350b 
Qualcomm -> Pmk8003 
Qualcomm -> Qat3550 
Qualcomm -> Qca6426 
Qualcomm -> Qca9379 
Qualcomm -> Qdm5579 
Qualcomm -> Qfs2580 
Qualcomm -> Qpa5581 
Qualcomm -> Qpm5621 
Qualcomm -> Qpm8870 
Qualcomm -> Sa8155 
Qualcomm -> Sd8885g 
Qualcomm -> Sdxr1 
Qualcomm -> Smr545 
Qualcomm -> Csra6640 
Qualcomm -> Wcn3950 
Qualcomm -> Pm7150a 
Qualcomm -> Wsa8835 
Qualcomm -> Pm8350bh 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top