CVE-2020-11136

2021-01-2109:41:10

qualcomm

www.cve.org

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.1%

JSON

Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CNA Affected

[
  {
    "product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
    "vendor": "Qualcomm, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "APQ8009, APQ8009W, APQ8017, APQ8030, APQ8037, APQ8052, APQ8053, APQ8056, APQ8060A, APQ8062, APQ8064, APQ8064AU, APQ8076, APQ8084, APQ8096AU, AQT1000, AR6003, AR8031, AR8035, AR8151, AR9374, CSRA6620, CSRA6640, CSRB31024, MDM8215, MDM8215M, MDM8615M, MDM8635M, MDM9206, MDM9215, MDM9225, MDM9225M, MDM9230, MDM9235M, MDM9310, MDM9330, MDM9607, MDM9615, MDM9615M, MDM9625, MDM9625M, MDM9628, MDM9630, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MPQ8064, MSM8108, MSM8208, MSM8209, MSM8226, MSM8227, MSM8230, MSM8608, MSM8610, MSM8626, MSM8627, MSM8630, MSM8909W, MSM8917, MSM8920, MSM8930, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8960, MSM8960SG, MSM8962, MSM8976, MSM8976SG, MSM8996AU, PM215, PM3003A, PM4125, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8004, PM8005, PM8008, PM8009, PM8018, PM8019, PM8110, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8226, PM8 ...[truncated*]"
      }
    ]
  }
]

References

www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin