CVE-2020-11254

EPSS 0.13%
Veröffentlicht 07.05.2021 09:15:07
Zuletzt bearbeitet 21.11.2024 04:57:30
Quelle product-security@qualcomm.com
Teams Watchlist Login
Unerledigt Login

Memory corruption during buffer allocation due to dereferencing session ctx pointer without checking if pointer is valid in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualcomm ≫ Pm6150a Version-

Qualcomm ≫ Pm6150l Version-

Qualcomm ≫ Pm6350 Version-

Qualcomm ≫ Pm660 Version-

Qualcomm ≫ Pm660l Version-

Qualcomm ≫ Pm7250b Version-

Qualcomm ≫ Pm8008 Version-

Qualcomm ≫ Pm8009 Version-

Qualcomm ≫ Pm8350 Version-

Qualcomm ≫ Pm8350b Version-

Qualcomm ≫ Pm8350bh Version-

Qualcomm ≫ Pm8350c Version-

Qualcomm ≫ Pmk8003 Version-

Qualcomm ≫ Pmk8350 Version-

Qualcomm ≫ Pmm6155au Version-

Qualcomm ≫ Pmm8155au Version-

Qualcomm ≫ Pmm8195au Version-

Qualcomm ≫ Pmr735a Version-

Qualcomm ≫ Pmr735b Version-

Qualcomm ≫ Qat3516 Version-

Qualcomm ≫ Qat3518 Version-

Qualcomm ≫ Qat3519 Version-

Qualcomm ≫ Qat3555 Version-

Qualcomm ≫ Qat5515 Version-

Qualcomm ≫ Qat5516 Version-

Qualcomm ≫ Qat5522 Version-

Qualcomm ≫ Qat5568 Version-

Qualcomm ≫ Qbt1500 Version-

Qualcomm ≫ Qca6574au Version-

Qualcomm ≫ Qca6696 Version-

Qualcomm ≫ Qdm3301 Version-

Qualcomm ≫ Qdm4643 Version-

Qualcomm ≫ Qdm4650 Version-

Qualcomm ≫ Qdm5620 Version-

Qualcomm ≫ Qdm5621 Version-

Qualcomm ≫ Qdm5670 Version-

Qualcomm ≫ Qdm5671 Version-

Qualcomm ≫ Qet5100 Version-

Qualcomm ≫ Qet5100m Version-

Qualcomm ≫ Qet6100 Version-

Qualcomm ≫ Qet6105 Version-

Qualcomm ≫ Qet6110 Version-

Qualcomm ≫ Qfs2530 Version-

Qualcomm ≫ Qfs2580 Version-

Qualcomm ≫ Qfs2608 Version-

Qualcomm ≫ Qfs2630 Version-

Qualcomm ≫ Qln4642 Version-

Qualcomm ≫ Qln4650 Version-

Qualcomm ≫ Qln5020 Version-

Qualcomm ≫ Qln5030 Version-

Qualcomm ≫ Qln5040 Version-

Qualcomm ≫ Qpa2625 Version-

Qualcomm ≫ Qpa5461 Version-

Qualcomm ≫ Qpa5580 Version-

Qualcomm ≫ Qpa5581 Version-

Qualcomm ≫ Qpa8801 Version-

Qualcomm ≫ Qpa8802 Version-

Qualcomm ≫ Qpa8803 Version-

Qualcomm ≫ Qpa8821 Version-

Qualcomm ≫ Qpa8842 Version-

Qualcomm ≫ Qpm4621 Version-

Qualcomm ≫ Qpm4630 Version-

Qualcomm ≫ Qpm4640 Version-

Qualcomm ≫ Qpm4641 Version-

Qualcomm ≫ Qpm4650 Version-

Qualcomm ≫ Qpm5621 Version-

Qualcomm ≫ Qpm5641 Version-

Qualcomm ≫ Qpm5670 Version-

Qualcomm ≫ Qpm5677 Version-

Qualcomm ≫ Qpm5679 Version-

Qualcomm ≫ Qpm5870 Version-

Qualcomm ≫ Qpm5875 Version-

Qualcomm ≫ Qpm6585 Version-

Qualcomm ≫ Qpm6621 Version-

Qualcomm ≫ Qpm6670 Version-

Qualcomm ≫ Qpm8820 Version-

Qualcomm ≫ Qpm8870 Version-

Qualcomm ≫ Qtc800h Version-

Qualcomm ≫ Qtc800s Version-

Qualcomm ≫ Qtc801s Version-

Qualcomm ≫ Qtm525 Version-

Qualcomm ≫ Sa6145p Version-

Qualcomm ≫ Sa6150p Version-

Qualcomm ≫ Sa6155p Version-

Qualcomm ≫ Sa8150p Version-

Qualcomm ≫ Sa8155p Version-

Qualcomm ≫ Sa8195p Version-

Qualcomm ≫ Sd480 Version-

Qualcomm ≫ Sd670 Version-

Qualcomm ≫ Sd710 Version-

Qualcomm ≫ Sd888 Version-

Qualcomm ≫ Sd888 5g Version-

Qualcomm ≫ Sdr660 Version-

Qualcomm ≫ Sdr660g Version-

Qualcomm ≫ Sdr735 Version-

Qualcomm ≫ Sdr735g Version-

Qualcomm ≫ Sdr865 Version-

Qualcomm ≫ Sdxr1 Version-

Qualcomm ≫ Smb1351 Version-

Qualcomm ≫ Smb1355 Version-

Qualcomm ≫ Smb1396 Version-

Qualcomm ≫ Smb1398 Version-

Qualcomm ≫ Smr526 Version-

Qualcomm ≫ Smr545 Version-

Qualcomm ≫ Smr546 Version-

Qualcomm ≫ Wcd9326 Version-

Qualcomm ≫ Wcd9341 Version-

Qualcomm ≫ Wcd9370 Version-

Qualcomm ≫ Wcd9375 Version-

Qualcomm ≫ Wcd9380 Version-

Qualcomm ≫ Wcd9385 Version-

Qualcomm ≫ Wcn3980 Version-

Qualcomm ≫ Wcn3988 Version-

Qualcomm ≫ Wcn3990 Version-

Qualcomm ≫ Wcn3991 Version-

Qualcomm ≫ Wcn6850 Version-

Qualcomm ≫ Wcn6851 Version-

Qualcomm ≫ Wcn6855 Version-

Qualcomm ≫ Wcn6856 Version-

Qualcomm ≫ Wsa8830 Version-

Qualcomm ≫ Wsa8835 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.286

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:N/A:P
product-security@qualcomm.com	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-11254

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-11254

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-11254

EUVD