10
CVE-2020-11136
- EPSS 0.33%
- Veröffentlicht 21.01.2021 10:15:13
- Zuletzt bearbeitet 21.11.2024 04:56:54
- Quelle product-security@qualcomm.com
- Teams Watchlist Login
- Unerledigt Login
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Qualcomm ≫ Qualcomm215 Version-
Qualcomm ≫ Sc8180x+sdx55 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.529 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.