Vulnerability CVE-2020-11197


Published: 2021-01-21

Description:
Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip with invalid data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Type:

CWE-190

(Integer Overflow or Wraparound)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Qualcomm -> Sdxr1 
Qualcomm -> Pm855p 
Qualcomm -> Smb1381 
Qualcomm -> Pmi8998 
Qualcomm -> Wcd9370 
Qualcomm -> Pmx50 
Qualcomm -> Wcn3991 
Qualcomm -> Qbt2000 
Qualcomm -> Wtr3950 
Qualcomm -> Qca6564a 
Qualcomm -> Qdm2301 
Qualcomm -> Qdm5671 
Qualcomm -> Qfe4303 
Qualcomm -> Qln4642 
Qualcomm -> Qpa8675 
Qualcomm -> Qpm5677 
Qualcomm -> Qtc410s 
Qualcomm -> Sd205 
Qualcomm -> Msm8917 
Qualcomm -> Sd765 
Qualcomm -> Pm6350 
Qualcomm -> Sdr425 
Qualcomm -> Pm8005 
Qualcomm -> Sdxr25g 
Qualcomm -> Pm8909 
Qualcomm -> Smb1390 
Qualcomm -> Pmk7350 
Qualcomm -> Wcd9375 
Qualcomm -> Pmx55 
Qualcomm -> Wcn3998 
Qualcomm -> Qca4020 
Qualcomm -> Wtr4905 
Qualcomm -> Qca6564au 
Qualcomm -> Qdm2302 
Qualcomm -> Qdm5677 
Qualcomm -> Qfe4305 
Qualcomm -> Qln4650 
Qualcomm -> Qpa8686 
Qualcomm -> Qpm5679 
Qualcomm -> Qtc800h 
Qualcomm -> Apq8009 
Qualcomm -> Sd210 
Qualcomm -> Msm8920 
Qualcomm -> Sd765g 
Qualcomm -> Pm640a 
Qualcomm -> Sdr660 
Qualcomm -> Pm8008 
Qualcomm -> Sm4125 
Qualcomm -> Pm8916 
Qualcomm -> Smb1394 
Qualcomm -> Pmk8001 
Qualcomm -> Wcd9380 
Qualcomm -> Qat3514 
Qualcomm -> Wcn6740 
Qualcomm -> Qca6174a 
Qualcomm -> Wtr5975 
Qualcomm -> Qca6574 
Qualcomm -> Qdm2305 
Qualcomm -> Qdm5679 
Qualcomm -> Qfe4308 
Qualcomm -> Qln5020 
Qualcomm -> Qpa8801 
Qualcomm -> Qpm5870 
Qualcomm -> Qtc800s 
Qualcomm -> Apq8009w 
Qualcomm -> Sd429 
Qualcomm -> Msm8937 
Qualcomm -> Sd768g 
Qualcomm -> Pm640l 
Qualcomm -> Sdr660g 
Qualcomm -> Pm8009 
Qualcomm -> Sm4350 
Qualcomm -> Pm8937 
Qualcomm -> Smb1395 
Qualcomm -> Pmk8002 
Qualcomm -> Wcd9385 
Qualcomm -> Qat3516 
Qualcomm -> Wcn6750 
Qualcomm -> Qca6175a 
Qualcomm -> Qca6574a 
Qualcomm -> Qdm2307 
Qualcomm -> Qet4100 
Qualcomm -> Qfe4309 
Qualcomm -> Qln5030 
Qualcomm -> Qpa8802 
Qualcomm -> Qpm5875 
Qualcomm -> Qtc800t 
Qualcomm -> Apq8017 
Qualcomm -> Sd450 
Qualcomm -> Msm8940 
Qualcomm -> Sd820 
Qualcomm -> Pm640p 
Qualcomm -> Sdr675 
Qualcomm -> Pm8150a 
Qualcomm -> Sm6250 
Qualcomm -> Pm8940 
Qualcomm -> Smb1396 
Qualcomm -> Pmk8003 
Qualcomm -> Wcn3610 
Qualcomm -> Qat3518 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top