Vulnerability CVE-2020-11185

Vulnerability CVE-2020-11185

Published: 2021-01-21

Description:

Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Type:

CWE-787

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.2/10	10/10	3.9/10

Exploit range	Attack complexity	Authentication
Local	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Qualcomm -> Qdm5579
Qualcomm -> Qln4650
Qualcomm -> Qpm4640
Qualcomm -> Sa6145p
Qualcomm -> Smb1395
Qualcomm -> Wcn6851
Qualcomm -> Ipq8070a
Qualcomm -> Pm8009
Qualcomm -> Pmx55
Qualcomm -> Qca6564a
Qualcomm -> Qca9889
Qualcomm -> Qcn5124
Qualcomm -> Qdm5620
Qualcomm -> Qln5020
Qualcomm -> Qpm4641
Qualcomm -> Sa6155p
Qualcomm -> Smb1396
Qualcomm -> Wcn6856
Qualcomm -> Ar9380
Qualcomm -> Ipq8071
Qualcomm -> Pm8350
Qualcomm -> Qat3514
Qualcomm -> Qca6564au
Qualcomm -> Qca9898
Qualcomm -> Qcn5152
Qualcomm -> Qdm5621
Qualcomm -> Qln5030
Qualcomm -> Qpm4650
Qualcomm -> Sa8150p
Qualcomm -> Smb1398
Qualcomm -> Wsa8830
Qualcomm -> Csr8811
Qualcomm -> Ipq8071a
Qualcomm -> Pm8350b
Qualcomm -> Qat3516
Qualcomm -> Qca6574
Qualcomm -> Qca9980
Qualcomm -> Qcn5154
Qualcomm -> Qdm5670
Qualcomm -> Qln5040
Qualcomm -> Qpm5621
Qualcomm -> Sa8155
Qualcomm -> Smr525
Qualcomm -> Wsa8835
Qualcomm -> Ipq4018
Qualcomm -> Ipq8072
Qualcomm -> Pm8350bh
Qualcomm -> Qat3518
Qualcomm -> Qca6574a
Qualcomm -> Qca9984
Qualcomm -> Qcn5164
Qualcomm -> Qdm5671
Qualcomm -> Qpa2625
Qualcomm -> Qpm5641
Qualcomm -> Sa8155p
Qualcomm -> Smr526
Qualcomm -> Ipq4019
Qualcomm -> Ipq8072a
Qualcomm -> Pm8350bhs
Qualcomm -> Qat3519
Qualcomm -> Qca6574au
Qualcomm -> Qca9985
Qualcomm -> Qcn5550
Qualcomm -> Qdm5677
Qualcomm -> Qpa5461
Qualcomm -> Qpm5670
Qualcomm -> Sa8195p
Qualcomm -> Smr545
Qualcomm -> Ipq4028
Qualcomm -> Ipq8074
Qualcomm -> Pm8350c
Qualcomm -> Qat3555
Qualcomm -> Qca6584au
Qualcomm -> Qca9990
Qualcomm -> Qcn7605
Qualcomm -> Qdm5679
Qualcomm -> Qpa5580
Qualcomm -> Qpm5677
Qualcomm -> Sd8885g
Qualcomm -> Smr546
Qualcomm -> Ipq4029
Qualcomm -> Ipq8074a
Qualcomm -> Pmk7350
Qualcomm -> Qat5515
Qualcomm -> Qca6595
Qualcomm -> Qca9992
Qualcomm -> Qcn7606
Qualcomm -> Qet5100
Qualcomm -> Qpa5581
Qualcomm -> Qpm5679
Qualcomm -> Sdr660g
Qualcomm -> Wcd9341
Qualcomm -> Ipq6000
Qualcomm -> Ipq8076
Qualcomm -> Pmk8002
Qualcomm -> Qat5516
Qualcomm -> Qca6595au
Qualcomm -> Qca9994
Qualcomm -> Qcn9000
Qualcomm -> Qet5100m

References:

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Vulnerability CVE-2020-11185

Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CWE-787

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

7.2/10

10/10

3.9/10

Local

Low

No required

Complete

Complete

Complete

Affected software

References: