Vulnerability CVE-2020-11212


Published: 2021-01-21

Description:
Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Type:

CWE-125

(Out-of-bounds Read)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Qualcomm -> Rgr7640au 
Qualcomm -> Pmx50 
Qualcomm -> Sd450 
Qualcomm -> Qbt2000 
Qualcomm -> Sd765 
Qualcomm -> Qca6390 
Qualcomm -> Sdr051 
Qualcomm -> Qca6584 
Qualcomm -> Sdx55 
Qualcomm -> Qca9886 
Qualcomm -> Smb1380 
Qualcomm -> Qcn5052 
Qualcomm -> Wcd9335 
Qualcomm -> Qcn9022 
Qualcomm -> Ar9380 
Qualcomm -> Wcn3910 
Qualcomm -> Qdm2305 
Qualcomm -> Ipq8064 
Qualcomm -> Wsa8815 
Qualcomm -> Qet4101 
Qualcomm -> Mdm8215 
Qualcomm -> Qfe2330 
Qualcomm -> Msm8608 
Qualcomm -> Qfe4320 
Qualcomm -> Pm439 
Qualcomm -> Qln4650 
Qualcomm -> Pm670l 
Qualcomm -> Qpa8686 
Qualcomm -> Pm8250 
Qualcomm -> Qpm5620 
Qualcomm -> Pm8956 
Qualcomm -> Qpm8820 
Qualcomm -> Pmk8001 
Qualcomm -> Rsw8577 
Qualcomm -> Pmx55 
Qualcomm -> Sd455 
Qualcomm -> Qca0000 
Qualcomm -> Sd765g 
Qualcomm -> Qca6391 
Qualcomm -> Sdr052 
Qualcomm -> Qca6584au 
Qualcomm -> Sdx55m 
Qualcomm -> Qca9888 
Qualcomm -> Smb1381 
Qualcomm -> Qcn5054 
Qualcomm -> Apq8009 
Qualcomm -> Wcd9340 
Qualcomm -> Qcn9024 
Qualcomm -> Csr6030 
Qualcomm -> Wcn3950 
Qualcomm -> Qdm2307 
Qualcomm -> Ipq8069 
Qualcomm -> Wsa8830 
Qualcomm -> Qet4200aq 
Qualcomm -> Mdm9206 
Qualcomm -> Qfe2340 
Qualcomm -> Msm8916 
Qualcomm -> Qfe4373fc 
Qualcomm -> Pm456 
Qualcomm -> Qln5020 
Qualcomm -> Pm7150a 
Qualcomm -> Qpa8688 
Qualcomm -> Pm8350 
Qualcomm -> Qpm5621 
Qualcomm -> Pm8994 
Qualcomm -> Qpm8830 
Qualcomm -> Pmk8002 
Qualcomm -> Sa415m 
Qualcomm -> Qat3514 
Qualcomm -> Sd460 
Qualcomm -> Qca1023 
Qualcomm -> Sd768g 
Qualcomm -> Qca6420 
Qualcomm -> Sdr425 
Qualcomm -> Qca6595 
Qualcomm -> Sdxr1 
Qualcomm -> Qca9889 
Qualcomm -> Smb1390 
Qualcomm -> Qcn5064 
Qualcomm -> Apq8016 
Qualcomm -> Wcd9341 
Qualcomm -> Qcn9070 
Qualcomm -> Csr8811 
Qualcomm -> Wcn3980 
Qualcomm -> Qdm2308 
Qualcomm -> Ipq8070 
Qualcomm -> Wsa8835 
Qualcomm -> Qet5100 
Qualcomm -> Mdm9215 
Qualcomm -> Qfe2520 
Qualcomm -> Msm8917 
Qualcomm -> Qfe4455fc 
Qualcomm -> Pm6125 
Qualcomm -> Qln5030 
Qualcomm -> Pm7150l 
Qualcomm -> Qpa8801 
Qualcomm -> Pm8350b 
Qualcomm -> Qpm5641 
Qualcomm -> Pm8996 
Qualcomm -> Qpm8870 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top