CVE-2020-11196

EPSS 0.36%
Published 12.11.2020 10:15:12
Last modified 21.11.2024 04:57:12
Source product-security@qualcomm.com
Teams watchlist Login
Open Login

u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330

Affected products Warnungen 0 Metrics 3 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Qualcomm ≫ Apq8009 Firmware Version-

Qualcomm ≫ Apq8009 Version-

Qualcomm ≫ Apq8009w Firmware Version-

Qualcomm ≫ Apq8009w Version-

Qualcomm ≫ Apq8017 Firmware Version-

Qualcomm ≫ Apq8017 Version-

Qualcomm ≫ Apq8037 Firmware Version-

Qualcomm ≫ Apq8037 Version-

Qualcomm ≫ Apq8053 Firmware Version-

Qualcomm ≫ Apq8053 Version-

Qualcomm ≫ Apq8064au Firmware Version-

Qualcomm ≫ Apq8064au Version-

Qualcomm ≫ Apq8096 Firmware Version-

Qualcomm ≫ Apq8096 Version-

Qualcomm ≫ Apq8096au Firmware Version-

Qualcomm ≫ Apq8096au Version-

Qualcomm ≫ Apq8096sg Firmware Version-

Qualcomm ≫ Apq8096sg Version-

Qualcomm ≫ Apq8098 Firmware Version-

Qualcomm ≫ Apq8098 Version-

Qualcomm ≫ Mdm9206 Firmware Version-

Qualcomm ≫ Mdm9206 Version-

Qualcomm ≫ Mdm9650 Firmware Version-

Qualcomm ≫ Mdm9650 Version-

Qualcomm ≫ Msm8905 Firmware Version-

Qualcomm ≫ Msm8905 Version-

Qualcomm ≫ Msm8909 Firmware Version-

Qualcomm ≫ Msm8909 Version-

Qualcomm ≫ Msm8909w Firmware Version-

Qualcomm ≫ Msm8909w Version-

Qualcomm ≫ Msm8917 Firmware Version-

Qualcomm ≫ Msm8917 Version-

Qualcomm ≫ Msm8920 Firmware Version-

Qualcomm ≫ Msm8920 Version-

Qualcomm ≫ Msm8937 Firmware Version-

Qualcomm ≫ Msm8937 Version-

Qualcomm ≫ Msm8940 Firmware Version-

Qualcomm ≫ Msm8940 Version-

Qualcomm ≫ Msm8953 Firmware Version-

Qualcomm ≫ Msm8953 Version-

Qualcomm ≫ Msm8996 Firmware Version-

Qualcomm ≫ Msm8996 Version-

Qualcomm ≫ Msm8996au Firmware Version-

Qualcomm ≫ Msm8996au Version-

Qualcomm ≫ Msm8996sg Firmware Version-

Qualcomm ≫ Msm8996sg Version-

Qualcomm ≫ Msm8998 Firmware Version-

Qualcomm ≫ Msm8998 Version-

Qualcomm ≫ Qcm4290 Firmware Version-

Qualcomm ≫ Qcm4290 Version-

Qualcomm ≫ Qcm6125 Firmware Version-

Qualcomm ≫ Qcm6125 Version-

Qualcomm ≫ Qcs405 Firmware Version-

Qualcomm ≫ Qcs405 Version-

Qualcomm ≫ Qcs410 Firmware Version-

Qualcomm ≫ Qcs410 Version-

Qualcomm ≫ Qcs4290 Firmware Version-

Qualcomm ≫ Qcs4290 Version-

Qualcomm ≫ Qcs603 Firmware Version-

Qualcomm ≫ Qcs603 Version-

Qualcomm ≫ Qcs605 Firmware Version-

Qualcomm ≫ Qcs605 Version-

Qualcomm ≫ Qcs610 Firmware Version-

Qualcomm ≫ Qcs610 Version-

Qualcomm ≫ Qcs6125 Firmware Version-

Qualcomm ≫ Qcs6125 Version-

Qualcomm ≫ Qm215 Firmware Version-

Qualcomm ≫ Qm215 Version-

Qualcomm ≫ Sa6145 Firmware Version-

Qualcomm ≫ Sa6145 Version-

Qualcomm ≫ Sa6150p Firmware Version-

Qualcomm ≫ Sa6150p Version-

Qualcomm ≫ Sa6155 Firmware Version-

Qualcomm ≫ Sa6155 Version-

Qualcomm ≫ Sa6155p Firmware Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8150p Firmware Version-

Qualcomm ≫ Sa8150p Version-

Qualcomm ≫ Sa8155 Firmware Version-

Qualcomm ≫ Sa8155 Version-

Qualcomm ≫ Sa8155p Firmware Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa8195p Firmware Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sda429w Firmware Version-

Qualcomm ≫ Sda429w Version-

Qualcomm ≫ Sda640 Firmware Version-

Qualcomm ≫ Sda640 Version-

Qualcomm ≫ Sda660 Firmware Version-

Qualcomm ≫ Sda660 Version-

Qualcomm ≫ Sda670 Firmware Version-

Qualcomm ≫ Sda670 Version-

Qualcomm ≫ Sda845 Firmware Version-

Qualcomm ≫ Sda845 Version-

Qualcomm ≫ Sdm429 Firmware Version-

Qualcomm ≫ Sdm429 Version-

Qualcomm ≫ Sdm429w Firmware Version-

Qualcomm ≫ Sdm429w Version-

Qualcomm ≫ Sdm439 Firmware Version-

Qualcomm ≫ Sdm439 Version-

Qualcomm ≫ Sdm450 Firmware Version-

Qualcomm ≫ Sdm450 Version-

Qualcomm ≫ Sdm455 Firmware Version-

Qualcomm ≫ Sdm455 Version-

Qualcomm ≫ Sdm630 Firmware Version-

Qualcomm ≫ Sdm630 Version-

Qualcomm ≫ Sdm632 Firmware Version-

Qualcomm ≫ Sdm632 Version-

Qualcomm ≫ Sdm636 Firmware Version-

Qualcomm ≫ Sdm636 Version-

Qualcomm ≫ Sdm640 Firmware Version-

Qualcomm ≫ Sdm640 Version-

Qualcomm ≫ Sdm660 Firmware Version-

Qualcomm ≫ Sdm660 Version-

Qualcomm ≫ Sdm670 Firmware Version-

Qualcomm ≫ Sdm670 Version-

Qualcomm ≫ Sdm710 Firmware Version-

Qualcomm ≫ Sdm710 Version-

Qualcomm ≫ Sdm830 Firmware Version-

Qualcomm ≫ Sdm830 Version-

Qualcomm ≫ Sdm845 Firmware Version-

Qualcomm ≫ Sdm845 Version-

Qualcomm ≫ Sdw2500 Firmware Version-

Qualcomm ≫ Sdw2500 Version-

Qualcomm ≫ Sdx20 Firmware Version-

Qualcomm ≫ Sdx20 Version-

Qualcomm ≫ Sdx20m Firmware Version-

Qualcomm ≫ Sdx20m Version-

Qualcomm ≫ Sdx50m Firmware Version-

Qualcomm ≫ Sdx50m Version-

Qualcomm ≫ Sdx55 Firmware Version-

Qualcomm ≫ Sdx55 Version-

Qualcomm ≫ Sdx55m Firmware Version-

Qualcomm ≫ Sdx55m Version-

Qualcomm ≫ Sm4125 Firmware Version-

Qualcomm ≫ Sm4125 Version-

Qualcomm ≫ Sm4250 Firmware Version-

Qualcomm ≫ Sm4250 Version-

Qualcomm ≫ Sm4250p Firmware Version-

Qualcomm ≫ Sm4250p Version-

Qualcomm ≫ Sm6115 Firmware Version-

Qualcomm ≫ Sm6115 Version-

Qualcomm ≫ Sm6115p Firmware Version-

Qualcomm ≫ Sm6115p Version-

Qualcomm ≫ Sm6125 Firmware Version-

Qualcomm ≫ Sm6125 Version-

Qualcomm ≫ Sm6150 Firmware Version-

Qualcomm ≫ Sm6150 Version-

Qualcomm ≫ Sm6150p Firmware Version-

Qualcomm ≫ Sm6150p Version-

Qualcomm ≫ Sm6250 Firmware Version-

Qualcomm ≫ Sm6250 Version-

Qualcomm ≫ Sm6250p Firmware Version-

Qualcomm ≫ Sm6250p Version-

Qualcomm ≫ Sm6350 Firmware Version-

Qualcomm ≫ Sm6350 Version-

Qualcomm ≫ Sm7125 Firmware Version-

Qualcomm ≫ Sm7125 Version-

Qualcomm ≫ Sm7150 Firmware Version-

Qualcomm ≫ Sm7150 Version-

Qualcomm ≫ Sm7150p Firmware Version-

Qualcomm ≫ Sm7150p Version-

Qualcomm ≫ Sm7225 Firmware Version-

Qualcomm ≫ Sm7225 Version-

Qualcomm ≫ Sm7250 Firmware Version-

Qualcomm ≫ Sm7250 Version-

Qualcomm ≫ Sm7250p Firmware Version-

Qualcomm ≫ Sm7250p Version-

Qualcomm ≫ Sm8150 Firmware Version-

Qualcomm ≫ Sm8150 Version-

Qualcomm ≫ Sm8150p Firmware Version-

Qualcomm ≫ Sm8150p Version-

Qualcomm ≫ Sm8250 Firmware Version-

Qualcomm ≫ Sm8250 Version-

Qualcomm ≫ Sxr1120 Firmware Version-

Qualcomm ≫ Sxr1120 Version-

Qualcomm ≫ Sxr1130 Firmware Version-

Qualcomm ≫ Sxr1130 Version-

Qualcomm ≫ Sxr2130 Firmware Version-

Qualcomm ≫ Sxr2130 Version-

Qualcomm ≫ Sxr2130p Firmware Version-

Qualcomm ≫ Sxr2130p Version-

Qualcomm ≫ Wcd9330 Firmware Version-

Qualcomm ≫ Wcd9330 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.36%	0.549

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-11196

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-11196

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-11196

EUVD