Details of VAR-202101-0083

ID

VAR-202101-0083

CVE

CVE-2020-11148

TITLE

plural Qualcomm Product Free Memory Usage Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-015617

DESCRIPTION

Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables. plural Qualcomm The product contains a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. The Qualcomm chip is a chip of Qualcomm (Qualcomm). A way to miniaturize circuits (mainly including semiconductor equipment, but also passive components, etc.) and often manufactured on the surface of semiconductor wafers. Many Qualcomm products have resource management error vulnerabilities. The vulnerability originates from the use of callbacks to release the problem in HIDL when the event is released in the RID thread when the internal mutex is not obtained and the callback instance is triggered to close and delete at the same time

Trust: 2.25

sources: NVD: CVE-2020-11148 // JVNDB: JVNDB-2020-015617 // CNNVD: CNNVD-202012-504 // VULMON: CVE-2020-11148

AFFECTED PRODUCTS

vendor:	qualcomm	model:	qpm6585	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5677	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qsw8573	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd665	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smr546	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm640p	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3950	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4303	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4309	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3660b	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdxr1	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qcs605	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm6150	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6595	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm8870	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1394	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1351	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa8801	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm4640	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	apq8017	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5579	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5677	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm2305	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa2625	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcd9326	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmr525	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat5515	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa8673	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdr735	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfs2580	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat5568	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat3518	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa4360	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4305	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe2101	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm8895	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5620	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qualcomm215	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd750g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sm7350	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn6851	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn6740	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wsa8835	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8150c	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm640l	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm855l	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6595au	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5670	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8350c	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmk7350	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6390	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5679	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdxr25g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5658	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qln5030	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm4650	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4308	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8150a	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wgr7640	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm7150l	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4373fc	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1395	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdr865	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8350bhs	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm8820	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1390	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmi8952	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmm855au	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm4643	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3610	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa5461	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm640a	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat5522	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm4630	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qtc801s	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd768g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm3301	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat3514	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd6905g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmk8003	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdm429w	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa6560	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm215	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wsa8815	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qet4101	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8953	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sa6155p	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm6621	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1396	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd439	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qln4642	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm6350	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6436	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5679	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa5581	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd855	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfs2630	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm2302	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmk8350	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd765g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smr545	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5621	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm670l	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm7150a	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smr526	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm8830	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3615	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qet6100	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wtr2965	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qet6110	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe2520	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4301	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat3522	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat3550	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa8686	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3991	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm3003a	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmx55	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm2307	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5652	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sda429w	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sa8155	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qbt2000	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmr735b	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6391	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	apq8053	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe2550	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat5516	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm439	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8250	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1381	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8937	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	msm8917	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdr735g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa8821	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qbt1500	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6426	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm7250b	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4320	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa4361	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sm7250p	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm4650	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8009	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat3516	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3680b	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm7250	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm4641	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmr735a	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qtm525	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wsa8810	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qsw6310	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5875	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5641	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1355	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8350bh	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm855b	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm7350c	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat3519	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat3555	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm6150l	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qsw8574	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1360	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qtc800h	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8350	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sa8150p	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmi8937	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6574au	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm4621	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcd9385	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd8885g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm6150a	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn6856	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm670	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe4302	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcd9341	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm6582	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qsm7250	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qln4650	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa8803	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm660	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3620	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wtr2955	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdx55	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcd9370	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5670	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qtc410s	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmk8002	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5671	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm2301	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa5373	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5621	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3980	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	msm8953	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qat5533	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm5870	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd632	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdr660g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdx55m	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sa8195p	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpm6670	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd429	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdr8250	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa8842	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm3302	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qln5020	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn6850	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qet5100m	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmi632	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm6125	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd8655g	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3988	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa5580	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm855	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8916	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wtr3925	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfe3340	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8008	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qln5040	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm660l	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfs2530	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6574a	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3998	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6431	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6421	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qca6696	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pmm8195au	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qfs2608	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wsa8830	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8350b	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1358	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smr525	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm2310	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3990	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd765	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	smb1398	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qet5100	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sd675	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8150l	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	sdr660	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcn3680	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qpa8802	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	pm8150b	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcd9375	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	wcd9380	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm5650	scope:	eq	version:	-	Trust: 1.0
vendor:	qualcomm	model:	qdm2308	scope:	eq	version:	-	Trust: 1.0
vendor:	クアルコム	model:	msm8917	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	pm6150a	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	pm3003a	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	pm6125	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	pm215	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	pm6150	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	pm439	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	apq8017	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	msm8953	scope:	-	version:	-	Trust: 0.8
vendor:	クアルコム	model:	apq8053	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-015617 // NVD: CVE-2020-11148

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-11148
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-11148
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202012-504
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2020-11148
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-11148
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2020-11148
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2020-11148
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2020-11148 // JVNDB: JVNDB-2020-015617 // CNNVD: CNNVD-202012-504 // NVD: CVE-2020-11148

PROBLEMTYPE DATA

problemtype:	CWE-416	Trust: 1.0
problemtype:	Use of freed memory (CWE-416) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-015617 // NVD: CVE-2020-11148

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202012-504

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202012-504

PATCH

title:	December 2020 Security Bulletin	url:	https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Trust: 0.8
title:	Google Android Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=136344	Trust: 0.6

sources: JVNDB: JVNDB-2020-015617 // CNNVD: CNNVD-202012-504

EXTERNAL IDS

db:	NVD	id:	CVE-2020-11148	Trust: 2.5
db:	JVNDB	id:	JVNDB-2020-015617	Trust: 0.8
db:	CNNVD	id:	CNNVD-202012-504	Trust: 0.6
db:	VULMON	id:	CVE-2020-11148	Trust: 0.1

sources: VULMON: CVE-2020-11148 // JVNDB: JVNDB-2020-015617 // CNNVD: CNNVD-202012-504 // NVD: CVE-2020-11148

REFERENCES

url:	https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Trust: 1.7
url:	https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11148	Trust: 1.4
url:	https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2020-34050	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/416.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2020-11148 // JVNDB: JVNDB-2020-015617 // CNNVD: CNNVD-202012-504 // NVD: CVE-2020-11148

SOURCES

db:	VULMON	id:	CVE-2020-11148
db:	JVNDB	id:	JVNDB-2020-015617
db:	CNNVD	id:	CNNVD-202012-504
db:	NVD	id:	CVE-2020-11148

LAST UPDATE DATE

2024-08-14T13:43:43.985000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2020-11148	date:	2021-01-29T00:00:00
db:	JVNDB	id:	JVNDB-2020-015617	date:	2021-10-06T08:57:00
db:	CNNVD	id:	CNNVD-202012-504	date:	2021-07-09T00:00:00
db:	NVD	id:	CVE-2020-11148	date:	2021-01-29T19:18:54.403

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2020-11148	date:	2021-01-21T00:00:00
db:	JVNDB	id:	JVNDB-2020-015617	date:	2021-10-06T00:00:00
db:	CNNVD	id:	CNNVD-202012-504	date:	2020-12-08T00:00:00
db:	NVD	id:	CVE-2020-11148	date:	2021-01-21T10:15:13.683