Vulnerability CVE-2020-11217

Vulnerability CVE-2020-11217

Published: 2021-01-21

Description:

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Type:

CWE-415

(Double Free)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.6/10	6.4/10	3.9/10

Exploit range	Attack complexity	Authentication
Local	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Qualcomm -> Qpm8895
Qualcomm -> Sd8885g
Qualcomm -> Smb1390
Qualcomm -> Wcn3950
Qualcomm -> Wtr2965
Qualcomm -> Pm8009
Qualcomm -> Pmr525
Qualcomm -> Qbt2000
Qualcomm -> Qdm3301
Qualcomm -> Qet5100m
Qualcomm -> Qpa5580
Qualcomm -> Qpm5621
Qualcomm -> Qsm7250
Qualcomm -> Sdr425
Qualcomm -> Smb1394
Qualcomm -> Wcn3980
Qualcomm -> Wtr3925
Qualcomm -> Pm3003a
Qualcomm -> Pm8150a
Qualcomm -> Pmr735a
Qualcomm -> Qca6390
Qualcomm -> Qdm3302
Qualcomm -> Qet6100
Qualcomm -> Qpa5581
Qualcomm -> Qpm5641
Qualcomm -> Qtc800h
Qualcomm -> Sdr660
Qualcomm -> Smb1395
Qualcomm -> Wcn3988
Qualcomm -> Pm4125
Qualcomm -> Pm8150b
Qualcomm -> Pmr735b
Qualcomm -> Qca6391
Qualcomm -> Qdm4643
Qualcomm -> Qet6110
Qualcomm -> Qpa6560
Qualcomm -> Qpm5657
Qualcomm -> Qtc800s
Qualcomm -> Sdr735
Qualcomm -> Smb1396
Qualcomm -> Wcn3990
Qualcomm -> Pm6125
Qualcomm -> Pm8150c
Qualcomm -> Pmx55
Qualcomm -> Qca6421
Qualcomm -> Qdm4650
Qualcomm -> Qfs2530
Qualcomm -> Qpa8673
Qualcomm -> Qpm5658
Qualcomm -> Qtc801s
Qualcomm -> Sdr735g
Qualcomm -> Smb1398
Qualcomm -> Wcn3991
Qualcomm -> Pm6150a
Qualcomm -> Pm8150l
Qualcomm -> Qat3514
Qualcomm -> Qca6426
Qualcomm -> Qdm5579
Qualcomm -> Qfs2580
Qualcomm -> Qpa8686
Qualcomm -> Qpm5670
Qualcomm -> Qtm525
Qualcomm -> Sdr8250
Qualcomm -> Smr525
Qualcomm -> Wcn3998
Qualcomm -> Pm6150l
Qualcomm -> Pm8250
Qualcomm -> Qat3516
Qualcomm -> Qca6431
Qualcomm -> Qdm5620
Qualcomm -> Qfs2608
Qualcomm -> Qpa8801
Qualcomm -> Qpm5677
Qualcomm -> Rsw8577
Qualcomm -> Sdr865
Qualcomm -> Smr526
Qualcomm -> Wcn6740
Qualcomm -> Pm6350
Qualcomm -> Pm8350
Qualcomm -> Qat3518
Qualcomm -> Qca6436
Qualcomm -> Qdm5621
Qualcomm -> Qfs2630
Qualcomm -> Qpa8802
Qualcomm -> Qpm5679
Qualcomm -> Sd460
Qualcomm -> Sdx55m
Qualcomm -> Smr545
Qualcomm -> Wcn6750
Qualcomm -> Pm660
Qualcomm -> Pm8350b
Qualcomm -> Qat3519
Qualcomm -> Qcm2290
Qualcomm -> Qdm5650
Qualcomm -> Qln4642
Qualcomm -> Qpa8803
Qualcomm -> Qpm5870
Qualcomm -> Sd660
Qualcomm -> Sdxr25g
Qualcomm -> Smr546

References:

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Vulnerability CVE-2020-11217

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CWE-415

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

4.6/10

6.4/10

3.9/10

Local

Low

No required

Partial

Partial

Partial

Affected software

References: