Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-7CPF-7F36-GXJ9
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07
VLAI?
Details
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
{
"affected": [],
"aliases": [
"CVE-2020-11307"
],
"database_specific": {
"cwe_ids": [
"CWE-129"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-13T06:15:00Z",
"severity": "CRITICAL"
},
"details": "Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
"id": "GHSA-7cpf-7f36-gxj9",
"modified": "2022-05-24T19:07:47Z",
"published": "2022-05-24T19:07:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11307"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
],
"schema_version": "1.4.0",
"severity": []
}
CVE-2020-11307 (GCVE-0-2020-11307)
Vulnerability from cvelistv5 – Published: 2021-07-13 05:30 – Updated: 2024-08-04 11:28
VLAI?
EPSS
Summary
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
Severity ?
9.8 (Critical)
CWE
- Integer Overflow to Buffer Overflow in Data HLOS
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables |
Affected:
APQ8009W
Affected: APQ8017 Affected: APQ8053 Affected: APQ8064AU Affected: APQ8096AU Affected: AQT1000 Affected: MSM8909W Affected: MSM8917 Affected: MSM8937 Affected: MSM8953 Affected: MSM8996AU Affected: PM8937 Affected: QCA6320 Affected: QCA6390 Affected: QCA6391 Affected: QCA6420 Affected: QCA6421 Affected: QCA6426 Affected: QCA6430 Affected: QCA6431 Affected: QCA6436 Affected: QCA6564 Affected: QCA6564A Affected: QCA6564AU Affected: QCA6574 Affected: QCA6574A Affected: QCA6574AU Affected: QCA6595 Affected: QCA6595AU Affected: QCA6696 Affected: QCM2290 Affected: QCM4290 Affected: QCM6125 Affected: QCS2290 Affected: QCS4290 Affected: QCS603 Affected: QCS605 Affected: QCS610 Affected: QCS6125 Affected: Qualcomm215 Affected: SA6145P Affected: SA6150P Affected: SA6155 Affected: SA6155P Affected: SA8145P Affected: SA8150P Affected: SA8155 Affected: SA8155P Affected: SA8195P Affected: SD 455 Affected: SD 636 Affected: SD 675 Affected: SD205 Affected: SD210 Affected: SD429 Affected: SD439 Affected: SD450 Affected: SD460 Affected: SD480 Affected: SD632 Affected: SD660 Affected: SD662 Affected: SD665 Affected: SD670 Affected: SD675 Affected: SD678 Affected: SD690 5G Affected: SD720G Affected: SD730 Affected: SD750G Affected: SD765 Affected: SD765G Affected: SD768G Affected: SD778G Affected: SD780G Affected: SD835 Affected: SD855 Affected: SD865 5G Affected: SD870 Affected: SD888 Affected: SD888 5G Affected: SDM429W Affected: SDM630 Affected: SDM830 Affected: SDW2500 Affected: SDX50M Affected: SDX55 Affected: SDX55M Affected: SDXR1 Affected: SDXR2 5G Affected: SM4125 Affected: SM6250 Affected: SM6250P Affected: SM7250P Affected: SM7325P Affected: WCD9335 Affected: WCD9370 Affected: WCD9371 Affected: WCD9375 Affected: WCD9380 Affected: WCD9385 Affected: WCN3610 Affected: WCN3615 Affected: WCN3620 Affected: WCN3660 Affected: WCN3660B Affected: WCN3680 Affected: WCN3680B Affected: WCN3910 Affected: WCN3950 Affected: WCN3988 Affected: WCN3991 Affected: WCN3998 Affected: WCN6740 Affected: WCN6750 Affected: WCN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009W"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8053"
},
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "APQ8096AU"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8937"
},
{
"status": "affected",
"version": "MSM8953"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "PM8937"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6390"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS603"
},
{
"status": "affected",
"version": "QCS605"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SD 455"
},
{
"status": "affected",
"version": "SD 636"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD480"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD665"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD678"
},
{
"status": "affected",
"version": "SD690 5G"
},
{
"status": "affected",
"version": "SD720G"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD750G"
},
{
"status": "affected",
"version": "SD765"
},
{
"status": "affected",
"version": "SD765G"
},
{
"status": "affected",
"version": "SD768G"
},
{
"status": "affected",
"version": "SD778G"
},
{
"status": "affected",
"version": "SD780G"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD870"
},
{
"status": "affected",
"version": "SD888"
},
{
"status": "affected",
"version": "SD888 5G"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDM630"
},
{
"status": "affected",
"version": "SDM830"
},
{
"status": "affected",
"version": "SDW2500"
},
{
"status": "affected",
"version": "SDX50M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX55M"
},
{
"status": "affected",
"version": "SDXR1"
},
{
"status": "affected",
"version": "SDXR2 5G"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM6250P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3991"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6750"
},
{
"status": "affected",
"version": "WCN"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow to Buffer Overflow in Data HLOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T05:30:33",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2020-11307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
"version": {
"version_data": [
{
"version_value": "APQ8009W"
},
{
"version_value": "APQ8017"
},
{
"version_value": "APQ8053"
},
{
"version_value": "APQ8064AU"
},
{
"version_value": "APQ8096AU"
},
{
"version_value": "AQT1000"
},
{
"version_value": "MSM8909W"
},
{
"version_value": "MSM8917"
},
{
"version_value": "MSM8937"
},
{
"version_value": "MSM8953"
},
{
"version_value": "MSM8996AU"
},
{
"version_value": "PM8937"
},
{
"version_value": "QCA6320"
},
{
"version_value": "QCA6390"
},
{
"version_value": "QCA6391"
},
{
"version_value": "QCA6420"
},
{
"version_value": "QCA6421"
},
{
"version_value": "QCA6426"
},
{
"version_value": "QCA6430"
},
{
"version_value": "QCA6431"
},
{
"version_value": "QCA6436"
},
{
"version_value": "QCA6564"
},
{
"version_value": "QCA6564A"
},
{
"version_value": "QCA6564AU"
},
{
"version_value": "QCA6574"
},
{
"version_value": "QCA6574A"
},
{
"version_value": "QCA6574AU"
},
{
"version_value": "QCA6595"
},
{
"version_value": "QCA6595AU"
},
{
"version_value": "QCA6696"
},
{
"version_value": "QCM2290"
},
{
"version_value": "QCM4290"
},
{
"version_value": "QCM6125"
},
{
"version_value": "QCS2290"
},
{
"version_value": "QCS4290"
},
{
"version_value": "QCS603"
},
{
"version_value": "QCS605"
},
{
"version_value": "QCS610"
},
{
"version_value": "QCS6125"
},
{
"version_value": "Qualcomm215"
},
{
"version_value": "SA6145P"
},
{
"version_value": "SA6150P"
},
{
"version_value": "SA6155"
},
{
"version_value": "SA6155P"
},
{
"version_value": "SA8145P"
},
{
"version_value": "SA8150P"
},
{
"version_value": "SA8155"
},
{
"version_value": "SA8155P"
},
{
"version_value": "SA8195P"
},
{
"version_value": "SD 455"
},
{
"version_value": "SD 636"
},
{
"version_value": "SD 675"
},
{
"version_value": "SD205"
},
{
"version_value": "SD210"
},
{
"version_value": "SD429"
},
{
"version_value": "SD439"
},
{
"version_value": "SD450"
},
{
"version_value": "SD460"
},
{
"version_value": "SD480"
},
{
"version_value": "SD632"
},
{
"version_value": "SD660"
},
{
"version_value": "SD662"
},
{
"version_value": "SD665"
},
{
"version_value": "SD670"
},
{
"version_value": "SD675"
},
{
"version_value": "SD678"
},
{
"version_value": "SD690 5G"
},
{
"version_value": "SD720G"
},
{
"version_value": "SD730"
},
{
"version_value": "SD750G"
},
{
"version_value": "SD765"
},
{
"version_value": "SD765G"
},
{
"version_value": "SD768G"
},
{
"version_value": "SD778G"
},
{
"version_value": "SD780G"
},
{
"version_value": "SD835"
},
{
"version_value": "SD855"
},
{
"version_value": "SD865 5G"
},
{
"version_value": "SD870"
},
{
"version_value": "SD888"
},
{
"version_value": "SD888 5G"
},
{
"version_value": "SDM429W"
},
{
"version_value": "SDM630"
},
{
"version_value": "SDM830"
},
{
"version_value": "SDW2500"
},
{
"version_value": "SDX50M"
},
{
"version_value": "SDX55"
},
{
"version_value": "SDX55M"
},
{
"version_value": "SDXR1"
},
{
"version_value": "SDXR2 5G"
},
{
"version_value": "SM4125"
},
{
"version_value": "SM6250"
},
{
"version_value": "SM6250P"
},
{
"version_value": "SM7250P"
},
{
"version_value": "SM7325P"
},
{
"version_value": "WCD9335"
},
{
"version_value": "WCD9370"
},
{
"version_value": "WCD9371"
},
{
"version_value": "WCD9375"
},
{
"version_value": "WCD9380"
},
{
"version_value": "WCD9385"
},
{
"version_value": "WCN3610"
},
{
"version_value": "WCN3615"
},
{
"version_value": "WCN3620"
},
{
"version_value": "WCN3660"
},
{
"version_value": "WCN3660B"
},
{
"version_value": "WCN3680"
},
{
"version_value": "WCN3680B"
},
{
"version_value": "WCN3910"
},
{
"version_value": "WCN3950"
},
{
"version_value": "WCN3988"
},
{
"version_value": "WCN3991"
},
{
"version_value": "WCN3998"
},
{
"version_value": "WCN6740"
},
{
"version_value": "WCN6750"
},
{
"version_value": "WCN"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables"
}
]
},
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow in Data HLOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2020-11307",
"datePublished": "2021-07-13T05:30:33",
"dateReserved": "2020-03-31T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…