Lucene search

[email protected]CVE-2020-11144

HistoryJan 21, 2021 - 10:15 a.m.

CVE-2020-11144

2021-01-2110:15:13

CWE-125

CWE-20

[email protected]

web.nvd.nist.gov

cve-2020-11144

buffer over-read

rohc packet

snapdragon auto

snapdragon compute

snapdragon connectivity

snapdragon consumer iot

snapdragon industrial iot

snapdragon iot

snapdragon mobile

snapdragon voice & music

snapdragon wearables

security vulnerability

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.0%

JSON

Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Affected configurations

NVD

Node

qualcommapq8009Match-

qualcommapq8009wMatch-

qualcommapq8017Match-

qualcommapq8037Match-

qualcommapq8053Match-

qualcommapq8084Match-

qualcommapq8096auMatch-

qualcommaqt1000Match-

qualcommar6003Match-

qualcommar8035Match-

qualcommar8151Match-

qualcommcsr6030Match-

qualcommcsrb31024Match-

qualcommfsm10055Match-

qualcommmdm8207Match-

qualcommmdm8215Match-

qualcommmdm8215mMatch-

qualcommmdm8615mMatch-

qualcommmdm9150Match-

qualcommmdm9205Match-

qualcommmdm9206Match-

qualcommmdm9207Match-

qualcommmdm9215Match-

qualcommmdm9230Match-

qualcommmdm9250Match-

qualcommmdm9310Match-

qualcommmdm9330Match-

qualcommmdm9607Match-

qualcommmdm9615Match-

qualcommmdm9615mMatch-

qualcommmdm9625Match-

qualcommmdm9628Match-

qualcommmdm9630Match-

qualcommmdm9635mMatch-

qualcommmdm9640Match-

qualcommmdm9645Match-

qualcommmdm9650Match-

qualcommmdm9655Match-

qualcommmsm8108Match-

qualcommmsm8208Match-

qualcommmsm8209Match-

qualcommmsm8608Match-

qualcommmsm8909wMatch-

qualcommmsm8917Match-

qualcommmsm8920Match-

qualcommmsm8937Match-

qualcommmsm8940Match-

qualcommmsm8953Match-

qualcommmsm8976Match-

qualcommmsm8976sgMatch-

qualcommmsm8996auMatch-

qualcommpm215Match-

qualcommpm3003aMatch-

qualcommpm4125Match-

qualcommpm439Match-

qualcommpm456Match-

qualcommpm6125Match-

qualcommpm6150Match-

qualcommpm6150aMatch-

qualcommpm6150lMatch-

qualcommpm6250Match-

qualcommpm640aMatch-

qualcommpm640lMatch-

qualcommpm640pMatch-

qualcommpm660Match-

qualcommpm660aMatch-

qualcommpm660lMatch-

qualcommpm670Match-

qualcommpm670lMatch-

qualcommpm7150aMatch-

qualcommpm7150lMatch-

qualcommpm7250Match-

qualcommpm7250bMatch-

qualcommpm8004Match-

qualcommpm8005Match-

qualcommpm8008Match-

qualcommpm8009Match-

qualcommpm8018Match-

qualcommpm8019Match-

qualcommpm8150Match-

qualcommpm8150aMatch-

qualcommpm8150bMatch-

qualcommpm8150cMatch-

qualcommpm8150lMatch-

qualcommpm8250Match-

qualcommpm855Match-

qualcommpm855aMatch-

qualcommpm855bMatch-

qualcommpm855lMatch-

qualcommpm855pMatch-

qualcommpm8909Match-

qualcommpm8916Match-

qualcommpm8937Match-

qualcommpm8940Match-

qualcommpm8952Match-

qualcommpm8953Match-

qualcommpm8956Match-

qualcommpm8996Match-

qualcommpm8998Match-

qualcommpmc1000hMatch-

qualcommpmd9607Match-

qualcommpmd9635Match-

qualcommpmd9645Match-

qualcommpmd9655Match-

qualcommpmd9655auMatch-

qualcommpme605Match-

qualcommpmi632Match-

qualcommpmi8937Match-

qualcommpmi8940Match-

qualcommpmi8952Match-

qualcommpmi8994Match-

qualcommpmi8996Match-

qualcommpmi8998Match-

qualcommpmk8001Match-

qualcommpmk8002Match-

qualcommpmm855auMatch-

qualcommpmm8996auMatch-

qualcommpmr525Match-

qualcommpmr735aMatch-

qualcommpmw3100Match-

qualcommpmx20Match-

qualcommpmx24Match-

qualcommpmx50Match-

qualcommpmx55Match-

qualcommqat3514Match-

qualcommqat3516Match-

qualcommqat3518Match-

qualcommqat3519Match-

qualcommqat3522Match-

qualcommqat3550Match-

qualcommqat3555Match-

qualcommqat5515Match-

qualcommqat5516Match-

qualcommqat5522Match-

qualcommqat5533Match-

qualcommqbt1000Match-

qualcommqbt1500Match-

qualcommqbt2000Match-

qualcommqca4004Match-

qualcommqca4020Match-

qualcommqca6174Match-

qualcommqca6174aMatch-

qualcommqca6310Match-

qualcommqca6320Match-

qualcommqca6335Match-

qualcommqca6390Match-

qualcommqca6391Match-

qualcommqca6420Match-

qualcommqca6421Match-

qualcommqca6426Match-

qualcommqca6430Match-

qualcommqca6431Match-

qualcommqca6436Match-

qualcommqca6564aMatch-

qualcommqca6564auMatch-

qualcommqca6574Match-

qualcommqca6574aMatch-

qualcommqca6574auMatch-

qualcommqca6584Match-

qualcommqca6584auMatch-

qualcommqca6595Match-

qualcommqca6595auMatch-

qualcommqca6694Match-

qualcommqca6694auMatch-

qualcommqca6696Match-

qualcommqca8337Match-

qualcommqca9367Match-

qualcommqca9377Match-

qualcommqca9379Match-

qualcommqcc1110Match-

qualcommqcc112Match-

qualcommqcm2290Match-

qualcommqcm4290Match-

qualcommqcm6125Match-

qualcommqcs2290Match-

qualcommqcs410Match-

qualcommqcs4290Match-

qualcommqcs603Match-

qualcommqcs605Match-

qualcommqcs610Match-

qualcommqcs6125Match-

qualcommqdm2301Match-

qualcommqdm2302Match-

qualcommqdm2305Match-

qualcommqdm2307Match-

qualcommqdm2308Match-

qualcommqdm2310Match-

qualcommqdm3301Match-

qualcommqdm5620Match-

qualcommqdm5621Match-

qualcommqdm5650Match-

qualcommqdm5652Match-

qualcommqdm5670Match-

qualcommqdm5671Match-

qualcommqdm5677Match-

qualcommqdm5679Match-

qualcommqet4100Match-

qualcommqet4101Match-

qualcommqet4200aqMatch-

qualcommqet5100Match-

qualcommqet5100mMatch-

qualcommqet6110Match-

qualcommqfe1035Match-

qualcommqfe1040Match-

qualcommqfe1045Match-

qualcommqfe1100Match-

qualcommqfe2080fcMatch-

qualcommqfe2081fcMatch-

qualcommqfe2082fcMatch-

qualcommqfe2101Match-

qualcommqfe2340Match-

qualcommqfe2520Match-

qualcommqfe2550Match-

qualcommqfe3100Match-

qualcommqfe3320Match-

qualcommqfe3335Match-

qualcommqfe3340Match-

qualcommqfe3345Match-

qualcommqfe3440fcMatch-

qualcommqfe4301Match-

qualcommqfe4302Match-

qualcommqfe4303Match-

qualcommqfe4305Match-

qualcommqfe4308Match-

qualcommqfe4309Match-

qualcommqfe4320Match-

qualcommqfe4373fcMatch-

qualcommqfe4455fcMatch-

qualcommqfe4465fcMatch-

qualcommqfs2530Match-

qualcommqfs2580Match-

qualcommqln1020Match-

qualcommqln1021aqMatch-

qualcommqln1030Match-

qualcommqln1031Match-

qualcommqln1035bdMatch-

qualcommqln1036aqMatch-

qualcommqln4640Match-

qualcommqln4642Match-

qualcommqln4650Match-

qualcommqln5020Match-

qualcommqln5030Match-

qualcommqln5040Match-

qualcommqpa2625Match-

qualcommqpa4340Match-

qualcommqpa4360Match-

qualcommqpa4361Match-

qualcommqpa5373Match-

qualcommqpa5460Match-

qualcommqpa5580Match-

qualcommqpa6560Match-

qualcommqpa8673Match-

qualcommqpa8675Match-

qualcommqpa8686Match-

qualcommqpa8801Match-

qualcommqpa8802Match-

qualcommqpa8803Match-

qualcommqpa8821Match-

qualcommqpa8842Match-

qualcommqpm2630Match-

qualcommqpm4650Match-

qualcommqpm5541Match-

qualcommqpm5577Match-

qualcommqpm5579Match-

qualcommqpm5621Match-

qualcommqpm5658Match-

qualcommqpm5670Match-

qualcommqpm5677Match-

qualcommqpm5679Match-

qualcommqpm6325Match-

qualcommqpm6375Match-

qualcommqpm6582Match-

qualcommqpm6585Match-

qualcommqpm8820Match-

qualcommqpm8830Match-

qualcommqpm8870Match-

qualcommqpm8895Match-

qualcommqsm7250Match-

qualcommqsw6310Match-

qualcommqsw8573Match-

qualcommqsw8574Match-

qualcommqtc410sMatch-

qualcommqtc800hMatch-

qualcommqtc800sMatch-

qualcommqtc800tMatch-

qualcommqtc801sMatch-

qualcommqtm525Match-

qualcommqtm527Match-

qualcommqualcomm215Match-

qualcommrgr7640auMatch-

qualcommrsw8577Match-

qualcommsa415mMatch-

qualcommsa515mMatch-

qualcommsa8155Match-

qualcommsa8155pMatch-

qualcommsc8180x\+sdx55Match-

qualcommsd205Match-

qualcommsd210Match-

qualcommsd429Match-

qualcommsd439Match-

qualcommsd450Match-

qualcommsd455Match-

qualcommsd460Match-

qualcommsd632Match-

qualcommsd636Match-

qualcommsd660Match-

qualcommsd662Match-

qualcommsd665Match-

qualcommsd670Match-

qualcommsd675Match-

qualcommsd710Match-

qualcommsd712Match-

qualcommsd720gMatch-

qualcommsd730Match-

qualcommsd765Match-

qualcommsd765gMatch-

qualcommsd768gMatch-

qualcommsd820Match-

qualcommsd821Match-

qualcommsd835Match-

qualcommsd845Match-

qualcommsd850Match-

qualcommsd855Match-

qualcommsd8655gMatch-

qualcommsd8cMatch-

qualcommsd8cxMatch-

qualcommsda429wMatch-

qualcommsdm429wMatch-

qualcommsdm630Match-

qualcommsdr051Match-

qualcommsdr052Match-

qualcommsdr105Match-

qualcommsdr425Match-

qualcommsdr660Match-

qualcommsdr660gMatch-

qualcommsdr675Match-

qualcommsdr8150Match-

qualcommsdr8250Match-

qualcommsdr845Match-

qualcommsdr865Match-

qualcommsdw2500Match-

qualcommsdw3100Match-

qualcommsdx20Match-

qualcommsdx24Match-

qualcommsdx50mMatch-

qualcommsdx55Match-

qualcommsdx55mMatch-

qualcommsdxr1Match-

qualcommsdxr25gMatch-

qualcommsm4125Match-

qualcommsm6250Match-

qualcommsm6250pMatch-

qualcommsm7250pMatch-

qualcommsmb1350Match-

qualcommsmb1351Match-

qualcommsmb1354Match-

qualcommsmb1355Match-

qualcommsmb1357Match-

qualcommsmb1358Match-

qualcommsmb1360Match-

qualcommsmb1380Match-

qualcommsmb1381Match-

qualcommsmb1390Match-

qualcommsmb1395Match-

qualcommsmb231Match-

qualcommsmb2351Match-

qualcommsmb358Match-

qualcommsmb358sMatch-

qualcommsmr525Match-

qualcommsmr526Match-

qualcommwcd9306Match-

qualcommwcd9326Match-

qualcommwcd9330Match-

qualcommwcd9335Match-

qualcommwcd9340Match-

qualcommwcd9341Match-

qualcommwcd9360Match-

qualcommwcd9370Match-

qualcommwcd9371Match-

qualcommwcd9375Match-

qualcommwcd9380Match-

qualcommwcd9385Match-

qualcommwcn3610Match-

qualcommwcn3615Match-

qualcommwcn3620Match-

qualcommwcn3660Match-

qualcommwcn3660bMatch-

qualcommwcn3680Match-

qualcommwcn3680bMatch-

qualcommwcn3910Match-

qualcommwcn3950Match-

qualcommwcn3980Match-

qualcommwcn3988Match-

qualcommwcn3990Match-

qualcommwcn3991Match-

qualcommwcn3998Match-

qualcommwcn6750Match-

qualcommwcn6850Match-

qualcommwgr7640Match-

qualcommwhs9410Match-

qualcommwsa8810Match-

qualcommwsa8815Match-

qualcommwtr1605Match-

qualcommwtr1605lMatch-

qualcommwtr1625Match-

qualcommwtr2955Match-

qualcommwtr2965Match-

qualcommwtr3905Match-

qualcommwtr3925Match-

qualcommwtr3950Match-

qualcommwtr4605Match-

qualcommwtr4905Match-

qualcommwtr5975Match-

qualcommwtr6955Match-

CPENameOperatorVersion
qualcomm:apq8009qualcomm apq8009eq-
qualcomm:apq8009wqualcomm apq8009weq-
qualcomm:apq8017qualcomm apq8017eq-
qualcomm:apq8037qualcomm apq8037eq-
qualcomm:apq8053qualcomm apq8053eq-
qualcomm:apq8084qualcomm apq8084eq-
qualcomm:apq8096auqualcomm apq8096aueq-
qualcomm:aqt1000qualcomm aqt1000eq-
qualcomm:ar6003qualcomm ar6003eq-
qualcomm:ar8035qualcomm ar8035eq-

CPE	Name	Operator	Version
qualcomm:apq8009	qualcomm apq8009	eq	-
qualcomm:apq8009w	qualcomm apq8009w	eq	-
qualcomm:apq8017	qualcomm apq8017	eq	-
qualcomm:apq8037	qualcomm apq8037	eq	-
qualcomm:apq8053	qualcomm apq8053	eq	-
qualcomm:apq8084	qualcomm apq8084	eq	-
qualcomm:apq8096au	qualcomm apq8096au	eq	-
qualcomm:aqt1000	qualcomm aqt1000	eq	-
qualcomm:ar6003	qualcomm ar6003	eq	-
qualcomm:ar8035	qualcomm ar8035	eq	-

Rows per page:

1-10 of 4141

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8084, APQ8096AU, AQT1000, AR6003, AR8035, AR8151, CSR6030, CSRB31024, FSM10055, MDM8207, MDM8215, MDM8215M, MDM8615M, MDM9150, MDM9205, MDM9206, MDM9207, MDM9215, MDM9230, MDM9250, MDM9310, MDM9330, MDM9607, MDM9615, MDM9615M, MDM9625, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8976SG, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8018, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8952, PM8953, PM8956, PM8996, PM8998, PMC1000H, PMD9607, PMD9635, PMD9645, PMD9655, PMD9655AU, PME605, PMI632, PMI8937, PMI8940, PMI8952, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMM8 ...[truncated*]"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Social References

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.0%

JSON

Related for CVE-2020-11144

prion1 nvd1 cvelist1