Lucene search

[email protected]CVE-2020-11169

HistoryNov 02, 2020 - 7:15 a.m.

CVE-2020-11169

2020-11-0207:15:00

CWE-190

CWE-125

[email protected]

web.nvd.nist.gov

cve-2020-11169

buffer over-read

l2cap packet

snapdragon

security vulnerability

integer overflow

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9.2 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

58.3%

JSON

u’Buffer over-read while processing received L2CAP packet due to lack of integer overflow check’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55

CPENameOperatorVersion
qualcomm:apq8009_firmwarequalcomm apq8009 firmwareeq-
qualcomm:apq8053_firmwarequalcomm apq8053 firmwareeq-
qualcomm:qca6390_firmwarequalcomm qca6390 firmwareeq-
qualcomm:qcn7605_firmwarequalcomm qcn7605 firmwareeq-
qualcomm:qcn7606_firmwarequalcomm qcn7606 firmwareeq-
qualcomm:sa415m_firmwarequalcomm sa415m firmwareeq-
qualcomm:sa515m_firmwarequalcomm sa515m firmwareeq-
qualcomm:sa6155p_firmwarequalcomm sa6155p firmwareeq-
qualcomm:sa8155p_firmwarequalcomm sa8155p firmwareeq-
qualcomm:sc8180x_firmwarequalcomm sc8180x firmwareeq-

CPE	Name	Operator	Version
qualcomm:apq8009_firmware	qualcomm apq8009 firmware	eq	-
qualcomm:apq8053_firmware	qualcomm apq8053 firmware	eq	-
qualcomm:qca6390_firmware	qualcomm qca6390 firmware	eq	-
qualcomm:qcn7605_firmware	qualcomm qcn7605 firmware	eq	-
qualcomm:qcn7606_firmware	qualcomm qcn7606 firmware	eq	-
qualcomm:sa415m_firmware	qualcomm sa415m firmware	eq	-
qualcomm:sa515m_firmware	qualcomm sa515m firmware	eq	-
qualcomm:sa6155p_firmware	qualcomm sa6155p firmware	eq	-
qualcomm:sa8155p_firmware	qualcomm sa8155p firmware	eq	-
qualcomm:sc8180x_firmware	qualcomm sc8180x firmware	eq	-

Rows per page:

1-10 of 111

References

www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9.2 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.002 Low

EPSS

Percentile

58.3%

JSON

Related for CVE-2020-11169

prion1