7

CVE-2020-11173

u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8053, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8953, Nicobar, QCA6390, QCS404, QCS405, QCS610, Rennell, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM632, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QualcommAgatti Firmware Version-
   QualcommAgatti Version-
QualcommApq8053 Firmware Version-
   QualcommApq8053 Version-
QualcommBitra Firmware Version-
   QualcommBitra Version-
QualcommIpq4019 Firmware Version-
   QualcommIpq4019 Version-
QualcommIpq5018 Firmware Version-
   QualcommIpq5018 Version-
QualcommIpq6018 Firmware Version-
   QualcommIpq6018 Version-
QualcommIpq8064 Firmware Version-
   QualcommIpq8064 Version-
QualcommIpq8074 Firmware Version-
   QualcommIpq8074 Version-
QualcommKamorta Firmware Version-
   QualcommKamorta Version-
QualcommMdm9607 Firmware Version-
   QualcommMdm9607 Version-
QualcommMsm8953 Firmware Version-
   QualcommMsm8953 Version-
QualcommNicobar Firmware Version-
   QualcommNicobar Version-
QualcommQca6390 Firmware Version-
   QualcommQca6390 Version-
QualcommQcs404 Firmware Version-
   QualcommQcs404 Version-
QualcommQcs405 Firmware Version-
   QualcommQcs405 Version-
QualcommQcs610 Firmware Version-
   QualcommQcs610 Version-
QualcommRennell Firmware Version-
   QualcommRennell Version-
QualcommSa515m Firmware Version-
   QualcommSa515m Version-
QualcommSa6155p Firmware Version-
   QualcommSa6155p Version-
QualcommSa8155p Firmware Version-
   QualcommSa8155p Version-
QualcommSaipan Firmware Version-
   QualcommSaipan Version-
QualcommSc8180x Firmware Version-
   QualcommSc8180x Version-
QualcommSda845 Firmware Version-
   QualcommSda845 Version-
QualcommSdm429 Firmware Version-
   QualcommSdm429 Version-
QualcommSdm429w Firmware Version-
   QualcommSdm429w Version-
QualcommSdm632 Firmware Version-
   QualcommSdm632 Version-
QualcommSdm660 Firmware Version-
   QualcommSdm660 Version-
QualcommSdx55 Firmware Version-
   QualcommSdx55 Version-
QualcommSm6150 Firmware Version-
   QualcommSm6150 Version-
QualcommSm7150 Firmware Version-
   QualcommSm7150 Version-
QualcommSm8150 Firmware Version-
   QualcommSm8150 Version-
QualcommSm8250 Firmware Version-
   QualcommSm8250 Version-
QualcommSxr2130 Firmware Version-
   QualcommSxr2130 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.061
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.4 3.4 6.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.