CVE-2020-11242

Summary

User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Industrial IOT, Snapdragon MobilePM660, PM660A, PM660L, PM855A, PMM855AU, QAT3514, QAT3522, QAT3550, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QET4100, QET4101, QET4200AQ, QLN1021AQ, QLN1031, QLN1036AQ, QPA4340, QPA4360, QPA5460, QTC800H, QTC800S, RSW8577, SD 455, SD 636, SD660, SDM630, SDR660, SMB1351, WCD9335, WCD9340, WCD9341, WCN3950, WCN3980, WCN3990affected

Weaknesses

  • Use of Out-of-Range Pointer Offset in Core

ADP Enrichment

CVE Program Container

Additional References

References