Lucene search

[email protected]NVD:CVE-2020-11122

HistorySep 08, 2020 - 10:15 a.m.

CVE-2020-11122

2020-09-0810:15:14

CWE-476

[email protected]

web.nvd.nist.gov

null pointer exception

crafted mkv file

data stream deletion

invalid configuration

snapdragon auto

snapdragon consumer iot

snapdragon mobile

apq8098

bitra

kamorta

sa6155p

saipan

sm6150

sm7150

sm8150

sm8250

sxr2130

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

22.8%

JSON

u’Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration’ in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8098, Bitra, Kamorta, SA6155P, Saipan, SM6150, SM7150, SM8150, SM8250, SXR2130

Affected configurations

Nvd

Node

qualcommapq8098_firmwareMatch-

AND

qualcommapq8098Match-

Node

qualcommbitra_firmwareMatch-

AND

qualcommbitraMatch-

Node

qualcommkamorta_firmwareMatch-

AND

qualcommkamortaMatch-

Node

qualcommsa6155p_firmwareMatch-

AND

qualcommsa6155pMatch-

Node

qualcommsaipan_firmwareMatch-

AND

qualcommsaipanMatch-

Node

qualcommsm6150_firmwareMatch-

AND

qualcommsm6150Match-

Node

qualcommsm7150_firmwareMatch-

AND

qualcommsm7150Match-

Node

qualcommsm8150_firmwareMatch-

AND

qualcommsm8150Match-

Node

qualcommsm8250_firmwareMatch-

AND

qualcommsm8250Match-

Node

qualcommsxr2130_firmwareMatch-

AND

qualcommsxr2130Match-

VendorProductVersionCPE
qualcommapq8098_firmware-cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
qualcommapq8098-cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
qualcommbitra_firmware-cpe:2.3:o:qualcomm:bitra_firmware:-:*:*:*:*:*:*:*
qualcommbitra-cpe:2.3:h:qualcomm:bitra:-:*:*:*:*:*:*:*
qualcommkamorta_firmware-cpe:2.3:o:qualcomm:kamorta_firmware:-:*:*:*:*:*:*:*
qualcommkamorta-cpe:2.3:h:qualcomm:kamorta:-:*:*:*:*:*:*:*
qualcommsa6155p_firmware-cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
qualcommsa6155p-cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*
qualcommsaipan_firmware-cpe:2.3:o:qualcomm:saipan_firmware:-:*:*:*:*:*:*:*
qualcommsaipan-cpe:2.3:h:qualcomm:saipan:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qualcomm	apq8098_firmware	-	cpe:2.3:o:qualcomm:apq8098_firmware:-:::::::*
qualcomm	apq8098	-	cpe:2.3:h:qualcomm:apq8098:-:::::::*
qualcomm	bitra_firmware	-	cpe:2.3:o:qualcomm:bitra_firmware:-:::::::*
qualcomm	bitra	-	cpe:2.3:h:qualcomm:bitra:-:::::::*
qualcomm	kamorta_firmware	-	cpe:2.3:o:qualcomm:kamorta_firmware:-:::::::*
qualcomm	kamorta	-	cpe:2.3:h:qualcomm:kamorta:-:::::::*
qualcomm	sa6155p_firmware	-	cpe:2.3:o:qualcomm:sa6155p_firmware:-:::::::*
qualcomm	sa6155p	-	cpe:2.3:h:qualcomm:sa6155p:-:::::::*
qualcomm	saipan_firmware	-	cpe:2.3:o:qualcomm:saipan_firmware:-:::::::*
qualcomm	saipan	-	cpe:2.3:h:qualcomm:saipan:-:::::::*

Rows per page:

1-10 of 201

References

www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin

www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

22.8%

JSON

Related for NVD:CVE-2020-11122

cve1 prion1 cvelist1