Vulnerability CVE-2020-11282


Published: 2021-02-22

Description:
Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the GPU to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Type:

CWE-863

(Incorrect Authorization)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Qualcomm -> Sdr660g 
Qualcomm -> Pmi8994 
Qualcomm -> Sdxr1 
Qualcomm -> Pmw3100 
Qualcomm -> Smb1381 
Qualcomm -> Qat5568 
Qualcomm -> Wcd9340 
Qualcomm -> Qca6431 
Qualcomm -> Wcn3980 
Qualcomm -> Qca9379 
Qualcomm -> Wtr1605 
Qualcomm -> Qdm2310 
Qualcomm -> Qet4200aq 
Qualcomm -> Qfe4320 
Qualcomm -> Qln5040 
Qualcomm -> Qpa8803 
Qualcomm -> Qpm5658 
Qualcomm -> Csrb31024 
Qualcomm -> Qsm7250 
Qualcomm -> Msm8953 
Qualcomm -> Sa6145p 
Qualcomm -> Pm660 
Qualcomm -> Sd662 
Qualcomm -> Pm8150 
Qualcomm -> Sd855 
Qualcomm -> Pm8909 
Qualcomm -> Sdr675 
Qualcomm -> Pmi8996 
Qualcomm -> Sdxr2 5g 
Qualcomm -> Pmx20 
Qualcomm -> Smb1390 
Qualcomm -> Qbt1000 
Qualcomm -> Wcd9341 
Qualcomm -> Qca6436 
Qualcomm -> Wcn3988 
Qualcomm -> Qcc1110 
Qualcomm -> Wtr1605l 
Qualcomm -> Qdm3301 
Qualcomm -> Qet5100 
Qualcomm -> Qfe4373fc 
Qualcomm -> Qpa2625 
Qualcomm -> Qpa8821 
Qualcomm -> Apq8009 
Qualcomm -> Qpm5670 
Qualcomm -> Fsm10055 
Qualcomm -> Qsw6310 
Qualcomm -> Msm8996au 
Qualcomm -> Sa6150p 
Qualcomm -> Pm660a 
Qualcomm -> Sd665 
Qualcomm -> Pm8150a 
Qualcomm -> Sd865 5g 
Qualcomm -> Pm8916 
Qualcomm -> Sdr735 
Qualcomm -> Pmi8998 
Qualcomm -> Sm4125 
Qualcomm -> Pmx24 
Qualcomm -> Smb1394 
Qualcomm -> Qbt1500 
Qualcomm -> Wcd9370 
Qualcomm -> Qca6564 
Qualcomm -> Wcn3990 
Qualcomm -> Qcm4290 
Qualcomm -> Wtr2955 
Qualcomm -> Qdm3302 
Qualcomm -> Qet5100m 
Qualcomm -> Qfs2530 
Qualcomm -> Qpa4340 
Qualcomm -> Qpa8842 
Qualcomm -> Apq8009w 
Qualcomm -> Qpm5677 
Qualcomm -> Fsm10056 
Qualcomm -> Qsw8573 
Qualcomm -> Pm215 
Qualcomm -> Sa6155 
Qualcomm -> Pm660l 
Qualcomm -> Sd670 
Qualcomm -> Pm8150b 
Qualcomm -> Sd888 5g 
Qualcomm -> Pm8937 
Qualcomm -> Sdr735g 
Qualcomm -> Pmk7350 
Qualcomm -> Sm4350 
Qualcomm -> Pmx50 
Qualcomm -> Smb1395 
Qualcomm -> Qbt2000 
Qualcomm -> Wcd9371 
Qualcomm -> Qca6564a 
Qualcomm -> Wcn3991 
Qualcomm -> Qcm6125 
Qualcomm -> Wtr2965 
Qualcomm -> Qdm4643 
Qualcomm -> Qet6100 
Qualcomm -> Qfs2580 
Qualcomm -> Qpa4360 
Qualcomm -> Qpm2630 
Qualcomm -> Apq8017 
Qualcomm -> Qpm5679 
Qualcomm -> Mdm8215 
Qualcomm -> Qsw8574 

 References:
https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top