Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ghsa-7cpf-7f36-gxj9
Vulnerability from github
Published
2022-05-24 19:07
Modified
2022-05-24 19:07
VLAI Severity ?
Details
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
{
"affected": [],
"aliases": [
"CVE-2020-11307"
],
"database_specific": {
"cwe_ids": [
"CWE-129"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-13T06:15:00Z",
"severity": "CRITICAL"
},
"details": "Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
"id": "GHSA-7cpf-7f36-gxj9",
"modified": "2022-05-24T19:07:47Z",
"published": "2022-05-24T19:07:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11307"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
],
"schema_version": "1.4.0",
"severity": []
}
CVE-2020-11307 (GCVE-0-2020-11307)
Vulnerability from cvelistv5
Published
2021-07-13 05:30
Modified
2024-08-04 11:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow to Buffer Overflow in Data HLOS
Summary
Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables |
Version: APQ8009W Version: APQ8017 Version: APQ8053 Version: APQ8064AU Version: APQ8096AU Version: AQT1000 Version: MSM8909W Version: MSM8917 Version: MSM8937 Version: MSM8953 Version: MSM8996AU Version: PM8937 Version: QCA6320 Version: QCA6390 Version: QCA6391 Version: QCA6420 Version: QCA6421 Version: QCA6426 Version: QCA6430 Version: QCA6431 Version: QCA6436 Version: QCA6564 Version: QCA6564A Version: QCA6564AU Version: QCA6574 Version: QCA6574A Version: QCA6574AU Version: QCA6595 Version: QCA6595AU Version: QCA6696 Version: QCM2290 Version: QCM4290 Version: QCM6125 Version: QCS2290 Version: QCS4290 Version: QCS603 Version: QCS605 Version: QCS610 Version: QCS6125 Version: Qualcomm215 Version: SA6145P Version: SA6150P Version: SA6155 Version: SA6155P Version: SA8145P Version: SA8150P Version: SA8155 Version: SA8155P Version: SA8195P Version: SD 455 Version: SD 636 Version: SD 675 Version: SD205 Version: SD210 Version: SD429 Version: SD439 Version: SD450 Version: SD460 Version: SD480 Version: SD632 Version: SD660 Version: SD662 Version: SD665 Version: SD670 Version: SD675 Version: SD678 Version: SD690 5G Version: SD720G Version: SD730 Version: SD750G Version: SD765 Version: SD765G Version: SD768G Version: SD778G Version: SD780G Version: SD835 Version: SD855 Version: SD865 5G Version: SD870 Version: SD888 Version: SD888 5G Version: SDM429W Version: SDM630 Version: SDM830 Version: SDW2500 Version: SDX50M Version: SDX55 Version: SDX55M Version: SDXR1 Version: SDXR2 5G Version: SM4125 Version: SM6250 Version: SM6250P Version: SM7250P Version: SM7325P Version: WCD9335 Version: WCD9370 Version: WCD9371 Version: WCD9375 Version: WCD9380 Version: WCD9385 Version: WCN3610 Version: WCN3615 Version: WCN3620 Version: WCN3660 Version: WCN3660B Version: WCN3680 Version: WCN3680B Version: WCN3910 Version: WCN3950 Version: WCN3988 Version: WCN3991 Version: WCN3998 Version: WCN6740 Version: WCN6750 Version: WCN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:28:13.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009W"
},
{
"status": "affected",
"version": "APQ8017"
},
{
"status": "affected",
"version": "APQ8053"
},
{
"status": "affected",
"version": "APQ8064AU"
},
{
"status": "affected",
"version": "APQ8096AU"
},
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "MSM8909W"
},
{
"status": "affected",
"version": "MSM8917"
},
{
"status": "affected",
"version": "MSM8937"
},
{
"status": "affected",
"version": "MSM8953"
},
{
"status": "affected",
"version": "MSM8996AU"
},
{
"status": "affected",
"version": "PM8937"
},
{
"status": "affected",
"version": "QCA6320"
},
{
"status": "affected",
"version": "QCA6390"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6421"
},
{
"status": "affected",
"version": "QCA6426"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCA6431"
},
{
"status": "affected",
"version": "QCA6436"
},
{
"status": "affected",
"version": "QCA6564"
},
{
"status": "affected",
"version": "QCA6564A"
},
{
"status": "affected",
"version": "QCA6564AU"
},
{
"status": "affected",
"version": "QCA6574"
},
{
"status": "affected",
"version": "QCA6574A"
},
{
"status": "affected",
"version": "QCA6574AU"
},
{
"status": "affected",
"version": "QCA6595"
},
{
"status": "affected",
"version": "QCA6595AU"
},
{
"status": "affected",
"version": "QCA6696"
},
{
"status": "affected",
"version": "QCM2290"
},
{
"status": "affected",
"version": "QCM4290"
},
{
"status": "affected",
"version": "QCM6125"
},
{
"status": "affected",
"version": "QCS2290"
},
{
"status": "affected",
"version": "QCS4290"
},
{
"status": "affected",
"version": "QCS603"
},
{
"status": "affected",
"version": "QCS605"
},
{
"status": "affected",
"version": "QCS610"
},
{
"status": "affected",
"version": "QCS6125"
},
{
"status": "affected",
"version": "Qualcomm215"
},
{
"status": "affected",
"version": "SA6145P"
},
{
"status": "affected",
"version": "SA6150P"
},
{
"status": "affected",
"version": "SA6155"
},
{
"status": "affected",
"version": "SA6155P"
},
{
"status": "affected",
"version": "SA8145P"
},
{
"status": "affected",
"version": "SA8150P"
},
{
"status": "affected",
"version": "SA8155"
},
{
"status": "affected",
"version": "SA8155P"
},
{
"status": "affected",
"version": "SA8195P"
},
{
"status": "affected",
"version": "SD 455"
},
{
"status": "affected",
"version": "SD 636"
},
{
"status": "affected",
"version": "SD 675"
},
{
"status": "affected",
"version": "SD205"
},
{
"status": "affected",
"version": "SD210"
},
{
"status": "affected",
"version": "SD429"
},
{
"status": "affected",
"version": "SD439"
},
{
"status": "affected",
"version": "SD450"
},
{
"status": "affected",
"version": "SD460"
},
{
"status": "affected",
"version": "SD480"
},
{
"status": "affected",
"version": "SD632"
},
{
"status": "affected",
"version": "SD660"
},
{
"status": "affected",
"version": "SD662"
},
{
"status": "affected",
"version": "SD665"
},
{
"status": "affected",
"version": "SD670"
},
{
"status": "affected",
"version": "SD675"
},
{
"status": "affected",
"version": "SD678"
},
{
"status": "affected",
"version": "SD690 5G"
},
{
"status": "affected",
"version": "SD720G"
},
{
"status": "affected",
"version": "SD730"
},
{
"status": "affected",
"version": "SD750G"
},
{
"status": "affected",
"version": "SD765"
},
{
"status": "affected",
"version": "SD765G"
},
{
"status": "affected",
"version": "SD768G"
},
{
"status": "affected",
"version": "SD778G"
},
{
"status": "affected",
"version": "SD780G"
},
{
"status": "affected",
"version": "SD835"
},
{
"status": "affected",
"version": "SD855"
},
{
"status": "affected",
"version": "SD865 5G"
},
{
"status": "affected",
"version": "SD870"
},
{
"status": "affected",
"version": "SD888"
},
{
"status": "affected",
"version": "SD888 5G"
},
{
"status": "affected",
"version": "SDM429W"
},
{
"status": "affected",
"version": "SDM630"
},
{
"status": "affected",
"version": "SDM830"
},
{
"status": "affected",
"version": "SDW2500"
},
{
"status": "affected",
"version": "SDX50M"
},
{
"status": "affected",
"version": "SDX55"
},
{
"status": "affected",
"version": "SDX55M"
},
{
"status": "affected",
"version": "SDXR1"
},
{
"status": "affected",
"version": "SDXR2 5G"
},
{
"status": "affected",
"version": "SM4125"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "SM6250P"
},
{
"status": "affected",
"version": "SM7250P"
},
{
"status": "affected",
"version": "SM7325P"
},
{
"status": "affected",
"version": "WCD9335"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9371"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3610"
},
{
"status": "affected",
"version": "WCN3615"
},
{
"status": "affected",
"version": "WCN3620"
},
{
"status": "affected",
"version": "WCN3660"
},
{
"status": "affected",
"version": "WCN3660B"
},
{
"status": "affected",
"version": "WCN3680"
},
{
"status": "affected",
"version": "WCN3680B"
},
{
"status": "affected",
"version": "WCN3910"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN3991"
},
{
"status": "affected",
"version": "WCN3998"
},
{
"status": "affected",
"version": "WCN6740"
},
{
"status": "affected",
"version": "WCN6750"
},
{
"status": "affected",
"version": "WCN"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow to Buffer Overflow in Data HLOS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T05:30:33",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"ID": "CVE-2020-11307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables",
"version": {
"version_data": [
{
"version_value": "APQ8009W"
},
{
"version_value": "APQ8017"
},
{
"version_value": "APQ8053"
},
{
"version_value": "APQ8064AU"
},
{
"version_value": "APQ8096AU"
},
{
"version_value": "AQT1000"
},
{
"version_value": "MSM8909W"
},
{
"version_value": "MSM8917"
},
{
"version_value": "MSM8937"
},
{
"version_value": "MSM8953"
},
{
"version_value": "MSM8996AU"
},
{
"version_value": "PM8937"
},
{
"version_value": "QCA6320"
},
{
"version_value": "QCA6390"
},
{
"version_value": "QCA6391"
},
{
"version_value": "QCA6420"
},
{
"version_value": "QCA6421"
},
{
"version_value": "QCA6426"
},
{
"version_value": "QCA6430"
},
{
"version_value": "QCA6431"
},
{
"version_value": "QCA6436"
},
{
"version_value": "QCA6564"
},
{
"version_value": "QCA6564A"
},
{
"version_value": "QCA6564AU"
},
{
"version_value": "QCA6574"
},
{
"version_value": "QCA6574A"
},
{
"version_value": "QCA6574AU"
},
{
"version_value": "QCA6595"
},
{
"version_value": "QCA6595AU"
},
{
"version_value": "QCA6696"
},
{
"version_value": "QCM2290"
},
{
"version_value": "QCM4290"
},
{
"version_value": "QCM6125"
},
{
"version_value": "QCS2290"
},
{
"version_value": "QCS4290"
},
{
"version_value": "QCS603"
},
{
"version_value": "QCS605"
},
{
"version_value": "QCS610"
},
{
"version_value": "QCS6125"
},
{
"version_value": "Qualcomm215"
},
{
"version_value": "SA6145P"
},
{
"version_value": "SA6150P"
},
{
"version_value": "SA6155"
},
{
"version_value": "SA6155P"
},
{
"version_value": "SA8145P"
},
{
"version_value": "SA8150P"
},
{
"version_value": "SA8155"
},
{
"version_value": "SA8155P"
},
{
"version_value": "SA8195P"
},
{
"version_value": "SD 455"
},
{
"version_value": "SD 636"
},
{
"version_value": "SD 675"
},
{
"version_value": "SD205"
},
{
"version_value": "SD210"
},
{
"version_value": "SD429"
},
{
"version_value": "SD439"
},
{
"version_value": "SD450"
},
{
"version_value": "SD460"
},
{
"version_value": "SD480"
},
{
"version_value": "SD632"
},
{
"version_value": "SD660"
},
{
"version_value": "SD662"
},
{
"version_value": "SD665"
},
{
"version_value": "SD670"
},
{
"version_value": "SD675"
},
{
"version_value": "SD678"
},
{
"version_value": "SD690 5G"
},
{
"version_value": "SD720G"
},
{
"version_value": "SD730"
},
{
"version_value": "SD750G"
},
{
"version_value": "SD765"
},
{
"version_value": "SD765G"
},
{
"version_value": "SD768G"
},
{
"version_value": "SD778G"
},
{
"version_value": "SD780G"
},
{
"version_value": "SD835"
},
{
"version_value": "SD855"
},
{
"version_value": "SD865 5G"
},
{
"version_value": "SD870"
},
{
"version_value": "SD888"
},
{
"version_value": "SD888 5G"
},
{
"version_value": "SDM429W"
},
{
"version_value": "SDM630"
},
{
"version_value": "SDM830"
},
{
"version_value": "SDW2500"
},
{
"version_value": "SDX50M"
},
{
"version_value": "SDX55"
},
{
"version_value": "SDX55M"
},
{
"version_value": "SDXR1"
},
{
"version_value": "SDXR2 5G"
},
{
"version_value": "SM4125"
},
{
"version_value": "SM6250"
},
{
"version_value": "SM6250P"
},
{
"version_value": "SM7250P"
},
{
"version_value": "SM7325P"
},
{
"version_value": "WCD9335"
},
{
"version_value": "WCD9370"
},
{
"version_value": "WCD9371"
},
{
"version_value": "WCD9375"
},
{
"version_value": "WCD9380"
},
{
"version_value": "WCD9385"
},
{
"version_value": "WCN3610"
},
{
"version_value": "WCN3615"
},
{
"version_value": "WCN3620"
},
{
"version_value": "WCN3660"
},
{
"version_value": "WCN3660B"
},
{
"version_value": "WCN3680"
},
{
"version_value": "WCN3680B"
},
{
"version_value": "WCN3910"
},
{
"version_value": "WCN3950"
},
{
"version_value": "WCN3988"
},
{
"version_value": "WCN3991"
},
{
"version_value": "WCN3998"
},
{
"version_value": "WCN6740"
},
{
"version_value": "WCN6750"
},
{
"version_value": "WCN"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables"
}
]
},
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow in Data HLOS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2020-11307",
"datePublished": "2021-07-13T05:30:33",
"dateReserved": "2020-03-31T00:00:00",
"dateUpdated": "2024-08-04T11:28:13.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…