ID

VAR-202101-0087


CVE

CVE-2020-11152


TITLE

plural  Qualcomm  Product Race Condition Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-015621

DESCRIPTION

Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables. plural Qualcomm The product contains a race condition vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. The Qualcomm chip is a chip of Qualcomm (Qualcomm). A way to miniaturize circuits (mainly including semiconductor equipment, but also passive components, etc.) and often manufactured on the surface of semiconductor wafers. Many Qualcomm products have a race condition vulnerability, which is caused by the lack of synchronization between access objects, leading to race conditions in the HAL layer

Trust: 2.25

sources: NVD: CVE-2020-11152 // JVNDB: JVNDB-2020-015621 // CNNVD: CNNVD-202012-589 // VULMON: CVE-2020-11152

AFFECTED PRODUCTS

vendor:qualcommmodel:qsw8573scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855pscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3950scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4303scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4309scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd636scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3660bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs605scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx50mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8056scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8937scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1351scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm660ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdw3100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8017scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8076scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr4905scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8009wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8956scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9326scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs405scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qpa4360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:ar8031scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4305scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe2101scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855lscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qet4100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca8337scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca9377scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr052scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4308scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8940scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6174ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wgr7640scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8940scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4373fcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd712scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1390scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmi8952scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe2080fcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3610scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:whs9410scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc801sscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8005scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdw2500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3514scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9335scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8004scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:rgr7640auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8815scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8909wscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6310scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qet4101scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr5975scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9330scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe2081fcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8953scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8952scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8956scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qln1035bdscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm630scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4465fcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcs603scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3615scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr2965scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm670lscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4301scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3522scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qat3550scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qpa5460scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd450scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1380scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmx50scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qbt2000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qbt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8053scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe2550scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm439scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8052scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1381scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8937scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8917scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qcc1110scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qbt1500scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd835scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmd9655scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4320scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8920scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:aqt1000scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3680bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wsa8810scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1355scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm670ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855bscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe3100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd8cxscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976sgscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe2082fcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc800hscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1360scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmi8937scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qpa4340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm670scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4302scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9341scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6564auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3999scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc800tscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr2955scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:csra6620scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3980scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmi8998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8953scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdm830scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8996auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6584auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8952scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qet5100mscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmi632scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdx24scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9306scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm855scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8916scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wtr3925scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6420scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6430scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8976scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm660lscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcd9340scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qca6574ascope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8096auscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr051scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe4455fcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:msm8916scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pm8998scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:pmx24scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qtc800sscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb1358scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:wcn3990scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:smb231scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qet5100scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:apq8037scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:qfe3440fcscope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:rsw8577scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr660scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sdr8150scope:eqversion: -

Trust: 1.0

vendor:qualcommmodel:sd710scope:eqversion: -

Trust: 1.0

vendor:クアルコムmodel:apq8056scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8037scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8096auscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:aqt1000scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8076scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8052scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8009wscope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8017scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:ar8031scope: - version: -

Trust: 0.8

vendor:クアルコムmodel:apq8053scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-015621 // NVD: CVE-2020-11152

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-11152
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-11152
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202012-589
value: MEDIUM

Trust: 0.6

VULMON: CVE-2020-11152
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-11152
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2020-11152
baseSeverity: MEDIUM
baseScore: 6.4
vectorString: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.5
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-11152
baseSeverity: MEDIUM
baseScore: 6.4
vectorString: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2020-11152 // JVNDB: JVNDB-2020-015621 // CNNVD: CNNVD-202012-589 // NVD: CVE-2020-11152

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.0

problemtype:Race condition (CWE-362) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-015621 // NVD: CVE-2020-11152

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202012-589

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-202012-589

PATCH

title:December 2020 Security Bulletinurl:https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Trust: 0.8

title:Google Android Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=136102

Trust: 0.6

sources: JVNDB: JVNDB-2020-015621 // CNNVD: CNNVD-202012-589

EXTERNAL IDS

db:NVDid:CVE-2020-11152

Trust: 2.5

db:JVNDBid:JVNDB-2020-015621

Trust: 0.8

db:CNNVDid:CNNVD-202012-589

Trust: 0.6

db:VULMONid:CVE-2020-11152

Trust: 0.1

sources: VULMON: CVE-2020-11152 // JVNDB: JVNDB-2020-015621 // CNNVD: CNNVD-202012-589 // NVD: CVE-2020-11152

REFERENCES

url:https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Trust: 1.7

url:https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-11152

Trust: 1.4

url:https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-december-2020-34050

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/362.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2020-11152 // JVNDB: JVNDB-2020-015621 // CNNVD: CNNVD-202012-589 // NVD: CVE-2020-11152

SOURCES

db:VULMONid:CVE-2020-11152
db:JVNDBid:JVNDB-2020-015621
db:CNNVDid:CNNVD-202012-589
db:NVDid:CVE-2020-11152

LAST UPDATE DATE

2024-08-14T15:38:12.529000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2020-11152date:2021-01-29T00:00:00
db:JVNDBid:JVNDB-2020-015621date:2021-10-06T08:57:00
db:CNNVDid:CNNVD-202012-589date:2021-07-09T00:00:00
db:NVDid:CVE-2020-11152date:2021-01-29T20:24:22.057

SOURCES RELEASE DATE

db:VULMONid:CVE-2020-11152date:2021-01-21T00:00:00
db:JVNDBid:JVNDB-2020-015621date:2021-10-06T00:00:00
db:CNNVDid:CNNVD-202012-589date:2020-12-08T00:00:00
db:NVDid:CVE-2020-11152date:2021-01-21T10:15:13.947