CVE-2020-11254

Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

CVSS v3 6.2 MEDIUM
CVSS v2.0 2.1 LOW

6.2^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin	Patch Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:qualcomm:pm6150a:-:::::::*
	cpe:2.3:h:qualcomm:pm6150l:-:::::::*
	cpe:2.3:h:qualcomm:pm6350:-:::::::*
	cpe:2.3:h:qualcomm:pm660:-:::::::*
	cpe:2.3:h:qualcomm:pm660l:-:::::::*
	cpe:2.3:h:qualcomm:pm7250b:-:::::::*
	cpe:2.3:h:qualcomm:pm8008:-:::::::*
	cpe:2.3:h:qualcomm:pm8009:-:::::::*
	cpe:2.3:h:qualcomm:pm8350:-:::::::*
	cpe:2.3:h:qualcomm:pm8350b:-:::::::*
	cpe:2.3:h:qualcomm:pm8350bh:-:::::::*
	cpe:2.3:h:qualcomm:pm8350c:-:::::::*
	cpe:2.3:h:qualcomm:pmk8003:-:::::::*
	cpe:2.3:h:qualcomm:pmk8350:-:::::::*
	cpe:2.3:h:qualcomm:pmm6155au:-:::::::*
	cpe:2.3:h:qualcomm:pmm8155au:-:::::::*
	cpe:2.3:h:qualcomm:pmm8195au:-:::::::*
	cpe:2.3:h:qualcomm:pmr735a:-:::::::*
	cpe:2.3:h:qualcomm:pmr735b:-:::::::*
	cpe:2.3:h:qualcomm:qat3516:-:::::::*
	cpe:2.3:h:qualcomm:qat3518:-:::::::*
	cpe:2.3:h:qualcomm:qat3519:-:::::::*
	cpe:2.3:h:qualcomm:qat3555:-:::::::*
	cpe:2.3:h:qualcomm:qat5515:-:::::::*
	cpe:2.3:h:qualcomm:qat5516:-:::::::*
	cpe:2.3:h:qualcomm:qat5522:-:::::::*
	cpe:2.3:h:qualcomm:qat5568:-:::::::*
	cpe:2.3:h:qualcomm:qbt1500:-:::::::*
	cpe:2.3:h:qualcomm:qca6574au:-:::::::*
	cpe:2.3:h:qualcomm:qca6696:-:::::::*
	cpe:2.3:h:qualcomm:qdm3301:-:::::::*
	cpe:2.3:h:qualcomm:qdm4643:-:::::::*
	cpe:2.3:h:qualcomm:qdm4650:-:::::::*
	cpe:2.3:h:qualcomm:qdm5620:-:::::::*
	cpe:2.3:h:qualcomm:qdm5621:-:::::::*
	cpe:2.3:h:qualcomm:qdm5670:-:::::::*
	cpe:2.3:h:qualcomm:qdm5671:-:::::::*
	cpe:2.3:h:qualcomm:qet5100:-:::::::*
	cpe:2.3:h:qualcomm:qet5100m:-:::::::*
	cpe:2.3:h:qualcomm:qet6100:-:::::::*
	cpe:2.3:h:qualcomm:qet6105:-:::::::*
	cpe:2.3:h:qualcomm:qet6110:-:::::::*
	cpe:2.3:h:qualcomm:qfs2530:-:::::::*
	cpe:2.3:h:qualcomm:qfs2580:-:::::::*
	cpe:2.3:h:qualcomm:qfs2608:-:::::::*
	cpe:2.3:h:qualcomm:qfs2630:-:::::::*
	cpe:2.3:h:qualcomm:qln4642:-:::::::*
	cpe:2.3:h:qualcomm:qln4650:-:::::::*
	cpe:2.3:h:qualcomm:qln5020:-:::::::*
	cpe:2.3:h:qualcomm:qln5030:-:::::::*
	cpe:2.3:h:qualcomm:qln5040:-:::::::*
	cpe:2.3:h:qualcomm:qpa2625:-:::::::*
	cpe:2.3:h:qualcomm:qpa5461:-:::::::*
	cpe:2.3:h:qualcomm:qpa5580:-:::::::*
	cpe:2.3:h:qualcomm:qpa5581:-:::::::*
	cpe:2.3:h:qualcomm:qpa8801:-:::::::*
	cpe:2.3:h:qualcomm:qpa8802:-:::::::*
	cpe:2.3:h:qualcomm:qpa8803:-:::::::*
	cpe:2.3:h:qualcomm:qpa8821:-:::::::*
	cpe:2.3:h:qualcomm:qpa8842:-:::::::*
	cpe:2.3:h:qualcomm:qpm4621:-:::::::*
	cpe:2.3:h:qualcomm:qpm4630:-:::::::*
	cpe:2.3:h:qualcomm:qpm4640:-:::::::*
	cpe:2.3:h:qualcomm:qpm4641:-:::::::*
cpe:2.3:h:qualcomm:qpm4650:-:::::::*
cpe:2.3:h:qualcomm:qpm5621:-:::::::*
cpe:2.3:h:qualcomm:qpm5641:-:::::::*
cpe:2.3:h:qualcomm:qpm5670:-:::::::*
cpe:2.3:h:qualcomm:qpm5677:-:::::::*
cpe:2.3:h:qualcomm:qpm5679:-:::::::*
cpe:2.3:h:qualcomm:qpm5870:-:::::::*
cpe:2.3:h:qualcomm:qpm5875:-:::::::*
cpe:2.3:h:qualcomm:qpm6585:-:::::::*
cpe:2.3:h:qualcomm:qpm6621:-:::::::*
cpe:2.3:h:qualcomm:qpm6670:-:::::::*
cpe:2.3:h:qualcomm:qpm8820:-:::::::*
cpe:2.3:h:qualcomm:qpm8870:-:::::::*
cpe:2.3:h:qualcomm:qtc800h:-:::::::*
cpe:2.3:h:qualcomm:qtc800s:-:::::::*
cpe:2.3:h:qualcomm:qtc801s:-:::::::*
cpe:2.3:h:qualcomm:qtm525:-:::::::*
cpe:2.3:h:qualcomm:sa6145p:-:::::::*
cpe:2.3:h:qualcomm:sa6150p:-:::::::*
cpe:2.3:h:qualcomm:sa6155p:-:::::::*
cpe:2.3:h:qualcomm:sa8150p:-:::::::*
cpe:2.3:h:qualcomm:sa8155p:-:::::::*
cpe:2.3:h:qualcomm:sa8195p:-:::::::*
cpe:2.3:h:qualcomm:sd480:-:::::::*
cpe:2.3:h:qualcomm:sd670:-:::::::*
cpe:2.3:h:qualcomm:sd710:-:::::::*
cpe:2.3:h:qualcomm:sd888:-:::::::*
cpe:2.3:h:qualcomm:sd888_5g:-:::::::*
cpe:2.3:h:qualcomm:sdr660:-:::::::*
cpe:2.3:h:qualcomm:sdr660g:-:::::::*
cpe:2.3:h:qualcomm:sdr735:-:::::::*
cpe:2.3:h:qualcomm:sdr735g:-:::::::*
cpe:2.3:h:qualcomm:sdr865:-:::::::*
cpe:2.3:h:qualcomm:sdxr1:-:::::::*
cpe:2.3:h:qualcomm:smb1351:-:::::::*
cpe:2.3:h:qualcomm:smb1355:-:::::::*
cpe:2.3:h:qualcomm:smb1396:-:::::::*
cpe:2.3:h:qualcomm:smb1398:-:::::::*
cpe:2.3:h:qualcomm:smr526:-:::::::*
cpe:2.3:h:qualcomm:smr545:-:::::::*
cpe:2.3:h:qualcomm:smr546:-:::::::*
cpe:2.3:h:qualcomm:wcd9326:-:::::::*
cpe:2.3:h:qualcomm:wcd9341:-:::::::*
cpe:2.3:h:qualcomm:wcd9370:-:::::::*
cpe:2.3:h:qualcomm:wcd9375:-:::::::*
cpe:2.3:h:qualcomm:wcd9380:-:::::::*
cpe:2.3:h:qualcomm:wcd9385:-:::::::*
cpe:2.3:h:qualcomm:wcn3980:-:::::::*
cpe:2.3:h:qualcomm:wcn3988:-:::::::*
cpe:2.3:h:qualcomm:wcn3990:-:::::::*
cpe:2.3:h:qualcomm:wcn3991:-:::::::*
cpe:2.3:h:qualcomm:wcn6850:-:::::::*
cpe:2.3:h:qualcomm:wcn6851:-:::::::*
cpe:2.3:h:qualcomm:wcn6855:-:::::::*
cpe:2.3:h:qualcomm:wcn6856:-:::::::*
cpe:2.3:h:qualcomm:wsa8830:-:::::::*
cpe:2.3:h:qualcomm:wsa8835:-:::::::*

History

21 Nov 2024, 04:57

Type	Values Removed	Values Added
CVSS	v2 : ~~2.1~~ v3 : ~~5.5~~	v2 : 2.1 v3 : 6.2
References	~~() https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin - Patch, Vendor Advisory~~	() https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin - Patch, Vendor Advisory

Information

Published : 2021-05-07 09:15

Updated : 2024-11-21 04:57

NVD link : CVE-2020-11254

Mitre link : CVE-2020-11254

CVE.ORG link : CVE-2020-11254

JSON object : View

Products Affected

qualcomm

qdm5621
pmm6155au
qpm5677
sa8155p
qdm5671
wsa8835
sa8150p
pmm8195au
smr526
qln4642
pmr735a
qtc800s
qpa8801
wcd9341
pm8350bh
pm7250b
qet5100m
qln5020
qpa8821
pmk8350
pm8350b
qbt1500
qdm4650
qln5030
qpm4621
qdm5670
smb1396
qln4650
pm8350c
qet6105
qpm8870
sdr660
wcd9385
wcn6855
qpm5679
qca6696
sa6145p
qfs2630
sa8195p
qpm4641
qat3518
qtc800h
wcn6856
wsa8830
pm8350
qtm525
qat5522
qet6110
wcn6850
qpm5641
qdm3301
qpm6670
smb1355
pmk8003
sd670
sd710
sd480
qpm4650
pmr735b
qpm5870
wcd9375
qdm5620
qpa5581
qpm4640
qpm6585
qfs2580
smr545
wcd9326
smr546
sa6150p
pm8009
sdr865
wcn3988
pm8008
qpm4630
qat3516
wcd9370
sdr735g
pmm8155au
qca6574au
pm6150l
smb1398
qpa5580
qpa2625
qpm5875
qat3519
qpm5621
qdm4643
qat5516
sdr660g
sd888_5g
sd888
qet5100
qtc801s
qpa8842
pm6350
qpa8803
qpa8802
wcn6851
qpm5670
qpa5461
pm660l
wcd9380
sa6155p
pm660
qpm8820
qat5568
wcn3990
wcn3991
qln5040
sdr735
pm6150a
wcn3980
qat5515
qet6100
qpm6621
smb1351
qfs2530
sdxr1
qfs2608
qat3555

CWE

CWE-476

NULL Pointer Dereference

6.2 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2020-11254

6.2^/10

2.1^/10

Attach tags to `CVE-2020-11254`