CVE-2020-11126

2021-06-0905:00:35

qualcomm

www.cve.org

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.5%

JSON

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8096AU, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, IPQ4018, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9640, PM3003A, PM4125, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8996, PM8998, PMC1000H, PMC7180, PMD9645, PMD9655, PME605, PMI632, PMI8996, PMI8998, PMK8002, PMK8003, PMK8350, PMM8155AU, PMM855AU, PMM8996AU, PMP8074, PMR525, PMR735A, PMR735B, PMX50, PMX55, QAT3514, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1500, QBT2000, QCA4024, QCA6174A, QCA6175A ...[truncated*]"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin