Qualcomm Snapdragon Auto HLOS buffer overflow

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking (Chip Software). This affects an unknown function of the component HLOS Handler. Upgrading eliminates this vulnerability.

Field06/09/2021 04:39 PM06/11/2021 03:05 PM
vendorQualcommQualcomm
nameSnapdragon Auto/Snapdragon Compute/Snapdragon Connectivity/Snapdragon Consumer IOT/Snapdragon Industrial IOT/Snapdragon Mobile/Snapdragon Wired Infrastructure and NetworkingSnapdragon Auto/Snapdragon Compute/Snapdragon Connectivity/Snapdragon Consumer IOT/Snapdragon Industrial IOT/Snapdragon Mobile/Snapdragon Wired Infrastructure and Networking
componentHLOS HandlerHLOS Handler
cwe120 (memory corruption)120 (memory corruption)
risk22
cvss3_vuldb_acLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
urlhttps://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletinhttps://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin
nameUpgradeUpgrade
cveCVE-2020-11165CVE-2020-11165
date1623189600 (06/09/2021)1623189600 (06/09/2021)
typeChip SoftwareChip Software
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_avAA
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss3_vuldb_avAA
cvss3_vuldb_prLL
cvss3_vuldb_eXX
cvss2_vuldb_basescore5.25.2
cvss2_vuldb_tempscore5.24.5
cvss3_vuldb_basescore5.55.5
cvss3_vuldb_tempscore5.55.3
cvss3_meta_basescore5.55.5
cvss3_meta_tempscore5.55.3
price_0day$5k-$25k$5k-$25k
cve_assigned1585605600
cve_nvd_summaryMemory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
confirm_urlhttps://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin

Do you need the next level of professionalism?

Upgrade your account now!