CVE-2020-11148

EPSS 0.04%
Published 21.01.2021 10:15:13
Last modified 21.11.2024 04:56:56
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Apq8017 Version-

Qualcomm ≫ Apq8053 Version-

Qualcomm ≫ Msm8917 Version-

Qualcomm ≫ Msm8953 Version-

Qualcomm ≫ Pm215 Version-

Qualcomm ≫ Pm3003a Version-

Qualcomm ≫ Pm439 Version-

Qualcomm ≫ Pm6125 Version-

Qualcomm ≫ Pm6150 Version-

Qualcomm ≫ Pm6150a Version-

Qualcomm ≫ Pm6150l Version-

Qualcomm ≫ Pm6350 Version-

Qualcomm ≫ Pm640a Version-

Qualcomm ≫ Pm640l Version-

Qualcomm ≫ Pm640p Version-

Qualcomm ≫ Pm660 Version-

Qualcomm ≫ Pm660l Version-

Qualcomm ≫ Pm670 Version-

Qualcomm ≫ Pm670l Version-

Qualcomm ≫ Pm7150a Version-

Qualcomm ≫ Pm7150l Version-

Qualcomm ≫ Pm7250 Version-

Qualcomm ≫ Pm7250b Version-

Qualcomm ≫ Pm7350c Version-

Qualcomm ≫ Pm8008 Version-

Qualcomm ≫ Pm8009 Version-

Qualcomm ≫ Pm8150a Version-

Qualcomm ≫ Pm8150b Version-

Qualcomm ≫ Pm8150c Version-

Qualcomm ≫ Pm8150l Version-

Qualcomm ≫ Pm8250 Version-

Qualcomm ≫ Pm8350 Version-

Qualcomm ≫ Pm8350b Version-

Qualcomm ≫ Pm8350bh Version-

Qualcomm ≫ Pm8350bhs Version-

Qualcomm ≫ Pm8350c Version-

Qualcomm ≫ Pm855 Version-

Qualcomm ≫ Pm855b Version-

Qualcomm ≫ Pm855l Version-

Qualcomm ≫ Pm8916 Version-

Qualcomm ≫ Pm8937 Version-

Qualcomm ≫ Pm8953 Version-

Qualcomm ≫ Pmi632 Version-

Qualcomm ≫ Pmi8937 Version-

Qualcomm ≫ Pmi8952 Version-

Qualcomm ≫ Pmk7350 Version-

Qualcomm ≫ Pmk8002 Version-

Qualcomm ≫ Pmk8003 Version-

Qualcomm ≫ Pmk8350 Version-

Qualcomm ≫ Pmm8195au Version-

Qualcomm ≫ Pmm855au Version-

Qualcomm ≫ Pmr525 Version-

Qualcomm ≫ Pmr735a Version-

Qualcomm ≫ Pmr735b Version-

Qualcomm ≫ Pmx55 Version-

Qualcomm ≫ Qat3514 Version-

Qualcomm ≫ Qat3516 Version-

Qualcomm ≫ Qat3518 Version-

Qualcomm ≫ Qat3519 Version-

Qualcomm ≫ Qat3522 Version-

Qualcomm ≫ Qat3550 Version-

Qualcomm ≫ Qat3555 Version-

Qualcomm ≫ Qat5515 Version-

Qualcomm ≫ Qat5516 Version-

Qualcomm ≫ Qat5522 Version-

Qualcomm ≫ Qat5533 Version-

Qualcomm ≫ Qat5568 Version-

Qualcomm ≫ Qbt1500 Version-

Qualcomm ≫ Qbt2000 Version-

Qualcomm ≫ Qca6390 Version-

Qualcomm ≫ Qca6391 Version-

Qualcomm ≫ Qca6421 Version-

Qualcomm ≫ Qca6426 Version-

Qualcomm ≫ Qca6431 Version-

Qualcomm ≫ Qca6436 Version-

Qualcomm ≫ Qca6574a Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6595 Version-

Qualcomm ≫ Qca6595au Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qcs605 Version-

Qualcomm ≫ Qdm2301 Version-

Qualcomm ≫ Qdm2302 Version-

Qualcomm ≫ Qdm2305 Version-

Qualcomm ≫ Qdm2307 Version-

Qualcomm ≫ Qdm2308 Version-

Qualcomm ≫ Qdm2310 Version-

Qualcomm ≫ Qdm3301 Version-

Qualcomm ≫ Qdm3302 Version-

Qualcomm ≫ Qdm4643 Version-

Qualcomm ≫ Qdm4650 Version-

Qualcomm ≫ Qdm5579 Version-

Qualcomm ≫ Qdm5620 Version-

Qualcomm ≫ Qdm5621 Version-

Qualcomm ≫ Qdm5650 Version-

Qualcomm ≫ Qdm5652 Version-

Qualcomm ≫ Qdm5670 Version-

Qualcomm ≫ Qdm5671 Version-

Qualcomm ≫ Qdm5677 Version-

Qualcomm ≫ Qdm5679 Version-

Qualcomm ≫ Qet4101 Version-

Qualcomm ≫ Qet5100 Version-

Qualcomm ≫ Qet5100m Version-

Qualcomm ≫ Qet6100 Version-

Qualcomm ≫ Qet6110 Version-

Qualcomm ≫ Qfe2101 Version-

Qualcomm ≫ Qfe2520 Version-

Qualcomm ≫ Qfe2550 Version-

Qualcomm ≫ Qfe3340 Version-

Qualcomm ≫ Qfe4301 Version-

Qualcomm ≫ Qfe4302 Version-

Qualcomm ≫ Qfe4303 Version-

Qualcomm ≫ Qfe4305 Version-

Qualcomm ≫ Qfe4308 Version-

Qualcomm ≫ Qfe4309 Version-

Qualcomm ≫ Qfe4320 Version-

Qualcomm ≫ Qfe4373fc Version-

Qualcomm ≫ Qfs2530 Version-

Qualcomm ≫ Qfs2580 Version-

Qualcomm ≫ Qfs2608 Version-

Qualcomm ≫ Qfs2630 Version-

Qualcomm ≫ Qln4642 Version-

Qualcomm ≫ Qln4650 Version-

Qualcomm ≫ Qln5020 Version-

Qualcomm ≫ Qln5030 Version-

Qualcomm ≫ Qln5040 Version-

Qualcomm ≫ Qpa2625 Version-

Qualcomm ≫ Qpa4360 Version-

Qualcomm ≫ Qpa4361 Version-

Qualcomm ≫ Qpa5373 Version-

Qualcomm ≫ Qpa5461 Version-

Qualcomm ≫ Qpa5580 Version-

Qualcomm ≫ Qpa5581 Version-

Qualcomm ≫ Qpa6560 Version-

Qualcomm ≫ Qpa8673 Version-

Qualcomm ≫ Qpa8686 Version-

Qualcomm ≫ Qpa8801 Version-

Qualcomm ≫ Qpa8802 Version-

Qualcomm ≫ Qpa8803 Version-

Qualcomm ≫ Qpa8821 Version-

Qualcomm ≫ Qpa8842 Version-

Qualcomm ≫ Qpm4621 Version-

Qualcomm ≫ Qpm4630 Version-

Qualcomm ≫ Qpm4640 Version-

Qualcomm ≫ Qpm4641 Version-

Qualcomm ≫ Qpm4650 Version-

Qualcomm ≫ Qpm5621 Version-

Qualcomm ≫ Qpm5641 Version-

Qualcomm ≫ Qpm5658 Version-

Qualcomm ≫ Qpm5670 Version-

Qualcomm ≫ Qpm5677 Version-

Qualcomm ≫ Qpm5679 Version-

Qualcomm ≫ Qpm5870 Version-

Qualcomm ≫ Qpm5875 Version-

Qualcomm ≫ Qpm6582 Version-

Qualcomm ≫ Qpm6585 Version-

Qualcomm ≫ Qpm6621 Version-

Qualcomm ≫ Qpm6670 Version-

Qualcomm ≫ Qpm8820 Version-

Qualcomm ≫ Qpm8830 Version-

Qualcomm ≫ Qpm8870 Version-

Qualcomm ≫ Qpm8895 Version-

Qualcomm ≫ Qsm7250 Version-

Qualcomm ≫ Qsw6310 Version-

Qualcomm ≫ Qsw8573 Version-

Qualcomm ≫ Qsw8574 Version-

Qualcomm ≫ Qtc410s Version-

Qualcomm ≫ Qtc800h Version-

Qualcomm ≫ Qtc801s Version-

Qualcomm ≫ Qtm525 Version-

Qualcomm ≫ Qualcomm215 Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8150p Version-

Qualcomm ≫ Sa8155 Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sd429 Version-

Qualcomm ≫ Sd439 Version-

Qualcomm ≫ Sd632 Version-

Qualcomm ≫ Sd665 Version-

Qualcomm ≫ Sd675 Version-

Qualcomm ≫ Sd6905g Version-

Qualcomm ≫ Sd750g Version-

Qualcomm ≫ Sd765 Version-

Qualcomm ≫ Sd765g Version-

Qualcomm ≫ Sd768g Version-

Qualcomm ≫ Sd855 Version-

Qualcomm ≫ Sd8655g Version-

Qualcomm ≫ Sd8885g Version-

Qualcomm ≫ Sda429w Version-

Qualcomm ≫ Sdm429w Version-

Qualcomm ≫ Sdr660 Version-

Qualcomm ≫ Sdr660g Version-

Qualcomm ≫ Sdr735 Version-

Qualcomm ≫ Sdr735g Version-

Qualcomm ≫ Sdr8250 Version-

Qualcomm ≫ Sdr865 Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sdxr1 Version-

Qualcomm ≫ Sdxr25g Version-

Qualcomm ≫ Sm7250p Version-

Qualcomm ≫ Sm7350 Version-

Qualcomm ≫ Smb1351 Version-

Qualcomm ≫ Smb1355 Version-

Qualcomm ≫ Smb1358 Version-

Qualcomm ≫ Smb1360 Version-

Qualcomm ≫ Smb1381 Version-

Qualcomm ≫ Smb1390 Version-

Qualcomm ≫ Smb1394 Version-

Qualcomm ≫ Smb1395 Version-

Qualcomm ≫ Smb1396 Version-

Qualcomm ≫ Smb1398 Version-

Qualcomm ≫ Smr525 Version-

Qualcomm ≫ Smr526 Version-

Qualcomm ≫ Smr545 Version-

Qualcomm ≫ Smr546 Version-

Qualcomm ≫ Wcd9326 Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3610 Version-

Qualcomm ≫ Wcn3615 Version-

Qualcomm ≫ Wcn3620 Version-

Qualcomm ≫ Wcn3660b Version-

Qualcomm ≫ Wcn3680 Version-

Qualcomm ≫ Wcn3680b Version-

Qualcomm ≫ Wcn3950 Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn3990 Version-

Qualcomm ≫ Wcn3991 Version-

Qualcomm ≫ Wcn3998 Version-

Qualcomm ≫ Wcn6740 Version-

Qualcomm ≫ Wcn6850 Version-

Qualcomm ≫ Wcn6851 Version-

Qualcomm ≫ Wcn6856 Version-

Qualcomm ≫ Wgr7640 Version-

Qualcomm ≫ Wsa8810 Version-

Qualcomm ≫ Wsa8815 Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Version-

Qualcomm ≫ Wtr2955 Version-

Qualcomm ≫ Wtr2965 Version-

Qualcomm ≫ Wtr3925 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Broken Link

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-11148

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-11148

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-11148

EUVD