CVE-2020-11266

Summary

Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Wired Infrastructure and NetworkingAR7420, AR9580, CSR8811, IPQ4018, IPQ4019, IPQ4028, IPQ4029, QCA10901, QCA4024, QCA7500, QCA7520, QCA7550, QCA8075, QCA9880, QCA9886, QCA9888, QCA9889, QCA9898, QCA9984, QCA9992, QCA9994, QCN3018, QFE1922, QFE1952, WCD9340, WSA8810affected

Weaknesses

  • Buffer Over-read in Trustzone

ADP Enrichment

CVE Program Container

Additional References

References