CVE-2020-11220

Summary

While processing storage SCM commands there is a time of check or time of use window where a pointer used could be invalid at a specific time while executing the storage SCM call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and NetworkingAQT1000, AR8035, PM4125, PM4250, PM6125, PM6150, PM6150A, PM6150L, PM6350, PM640A, PM640L, PM640P, PM7250B, PM8004, PM8005, PM8008, PM8350, PM855, PM855A, PM855B, PM855L, PM855P, PM8998, PMD9655, PMI632, PMI8998, PMK8002, PMK8003, PMM8195AU, PMM855AU, PMX24, PMX50, PMX55, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QBT1500, QBT2000, QCA6390, QCA6420, QCA6430, QCA6574A, QCA6574AU, QCA6595, QCA6696, QCA9984, QCM2290, QCM4290, QCS2290, QCS405, QCS4290, QDM2301, QDM2302, QET4101, QET5100, QPA4360, QPA4361, QPA5460, QPA6560, QPA8673, QSW6310, QSW8573, QSW8574, QTC410S, QTC800H, QTC800S, QTC801S, QTM525, SA6155P, SA8155, SA8155P, SA8195P, SD 8C, SD 8CX, SD460, SD480, SD662, SD665, SD675, SD855, SD888 5G, SDM830, SDR051, SDR052, SDR425, SDR660, SDR660G, SDR735, SDR735G, SDR8150, SDR8250, SDR865, SDX24, SDX50M, SDX55, SDX55M, SM4125, SMB1351, SMB1354, SMB1355, SMB1381, SMB1390, SMB1396, SMR526, SMR545, SMR546, WCD9340, WCD9341, WCD9360, WCD9370, WCD9375, WCD9385, WCN3910, WCN3950, WCN3980, W ...[truncated*]affected

Weaknesses

  • Time-of-check Time-of-use Race Condition in Storage

ADP Enrichment

CVE Program Container

Additional References

References