CVE-2020-11217

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS v3.0 7.8 HIGH
CVSS v2.0 4.6 MEDIUM

7.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:qualcomm:pm3003a:-:::::::*
	cpe:2.3:h:qualcomm:pm4125:-:::::::*
	cpe:2.3:h:qualcomm:pm6125:-:::::::*
	cpe:2.3:h:qualcomm:pm6150a:-:::::::*
	cpe:2.3:h:qualcomm:pm6150l:-:::::::*
	cpe:2.3:h:qualcomm:pm6350:-:::::::*
	cpe:2.3:h:qualcomm:pm660:-:::::::*
	cpe:2.3:h:qualcomm:pm660a:-:::::::*
	cpe:2.3:h:qualcomm:pm660l:-:::::::*
	cpe:2.3:h:qualcomm:pm7150a:-:::::::*
	cpe:2.3:h:qualcomm:pm7150l:-:::::::*
	cpe:2.3:h:qualcomm:pm7250:-:::::::*
	cpe:2.3:h:qualcomm:pm7250b:-:::::::*
	cpe:2.3:h:qualcomm:pm8008:-:::::::*
	cpe:2.3:h:qualcomm:pm8009:-:::::::*
	cpe:2.3:h:qualcomm:pm8150a:-:::::::*
	cpe:2.3:h:qualcomm:pm8150b:-:::::::*
	cpe:2.3:h:qualcomm:pm8150c:-:::::::*
	cpe:2.3:h:qualcomm:pm8150l:-:::::::*
	cpe:2.3:h:qualcomm:pm8250:-:::::::*
	cpe:2.3:h:qualcomm:pm8350:-:::::::*
	cpe:2.3:h:qualcomm:pm8350b:-:::::::*
	cpe:2.3:h:qualcomm:pm8350bh:-:::::::*
	cpe:2.3:h:qualcomm:pm8350c:-:::::::*
	cpe:2.3:h:qualcomm:pmi632:-:::::::*
	cpe:2.3:h:qualcomm:pmk8002:-:::::::*
	cpe:2.3:h:qualcomm:pmk8003:-:::::::*
	cpe:2.3:h:qualcomm:pmk8350:-:::::::*
	cpe:2.3:h:qualcomm:pmr525:-:::::::*
	cpe:2.3:h:qualcomm:pmr735a:-:::::::*
	cpe:2.3:h:qualcomm:pm7350c:-:::::::*
	cpe:2.3:h:qualcomm:pm8350bhs:-:::::::*
	cpe:2.3:h:qualcomm:pmk7350:-:::::::*
	cpe:2.3:h:qualcomm:qca6390:-:::::::*
	cpe:2.3:h:qualcomm:qcm4290:-:::::::*
	cpe:2.3:h:qualcomm:qcs4290:-:::::::*
	cpe:2.3:h:qualcomm:pmr735b:-:::::::*
	cpe:2.3:h:qualcomm:pmx55:-:::::::*
	cpe:2.3:h:qualcomm:qat3514:-:::::::*
	cpe:2.3:h:qualcomm:qat3516:-:::::::*
	cpe:2.3:h:qualcomm:qat3518:-:::::::*
	cpe:2.3:h:qualcomm:qat3519:-:::::::*
	cpe:2.3:h:qualcomm:qat3522:-:::::::*
	cpe:2.3:h:qualcomm:qat3550:-:::::::*
	cpe:2.3:h:qualcomm:qat3555:-:::::::*
	cpe:2.3:h:qualcomm:qat5515:-:::::::*
	cpe:2.3:h:qualcomm:qat5516:-:::::::*
	cpe:2.3:h:qualcomm:qat5522:-:::::::*
	cpe:2.3:h:qualcomm:qat5533:-:::::::*
	cpe:2.3:h:qualcomm:qat5568:-:::::::*
	cpe:2.3:h:qualcomm:qbt2000:-:::::::*
	cpe:2.3:h:qualcomm:qca6391:-:::::::*
	cpe:2.3:h:qualcomm:qca6421:-:::::::*
	cpe:2.3:h:qualcomm:qca6426:-:::::::*
	cpe:2.3:h:qualcomm:qca6431:-:::::::*
	cpe:2.3:h:qualcomm:qca6436:-:::::::*
	cpe:2.3:h:qualcomm:qdm2301:-:::::::*
	cpe:2.3:h:qualcomm:qdm2305:-:::::::*
	cpe:2.3:h:qualcomm:qdm2307:-:::::::*
	cpe:2.3:h:qualcomm:qdm2308:-:::::::*
	cpe:2.3:h:qualcomm:qdm2310:-:::::::*
	cpe:2.3:h:qualcomm:qdm3301:-:::::::*
	cpe:2.3:h:qualcomm:qdm4643:-:::::::*
	cpe:2.3:h:qualcomm:qdm4650:-:::::::*
cpe:2.3:h:qualcomm:qdm5620:-:::::::*
cpe:2.3:h:qualcomm:qdm5621:-:::::::*
cpe:2.3:h:qualcomm:qdm5650:-:::::::*
cpe:2.3:h:qualcomm:qdm5652:-:::::::*
cpe:2.3:h:qualcomm:qdm5670:-:::::::*
cpe:2.3:h:qualcomm:qdm5671:-:::::::*
cpe:2.3:h:qualcomm:qdm5677:-:::::::*
cpe:2.3:h:qualcomm:qdm5679:-:::::::*
cpe:2.3:h:qualcomm:qet4100:-:::::::*
cpe:2.3:h:qualcomm:qcm2290:-:::::::*
cpe:2.3:h:qualcomm:qcs2290:-:::::::*
cpe:2.3:h:qualcomm:qdm3302:-:::::::*
cpe:2.3:h:qualcomm:qdm5579:-:::::::*
cpe:2.3:h:qualcomm:sdx55m:-:::::::*
cpe:2.3:h:qualcomm:sm4125:-:::::::*
cpe:2.3:h:qualcomm:sm7250p:-:::::::*
cpe:2.3:h:qualcomm:sd660:-:::::::*
cpe:2.3:h:qualcomm:qet4101:-:::::::*
cpe:2.3:h:qualcomm:qet5100:-:::::::*
cpe:2.3:h:qualcomm:qet5100m:-:::::::*
cpe:2.3:h:qualcomm:qet6100:-:::::::*
cpe:2.3:h:qualcomm:qet6110:-:::::::*
cpe:2.3:h:qualcomm:qfs2530:-:::::::*
cpe:2.3:h:qualcomm:qfs2580:-:::::::*
cpe:2.3:h:qualcomm:qfs2608:-:::::::*
cpe:2.3:h:qualcomm:qfs2630:-:::::::*
cpe:2.3:h:qualcomm:qln4642:-:::::::*
cpe:2.3:h:qualcomm:qln4650:-:::::::*
cpe:2.3:h:qualcomm:qln5020:-:::::::*
cpe:2.3:h:qualcomm:qln5030:-:::::::*
cpe:2.3:h:qualcomm:qln5040:-:::::::*
cpe:2.3:h:qualcomm:qpa2625:-:::::::*
cpe:2.3:h:qualcomm:qpa4340:-:::::::*
cpe:2.3:h:qualcomm:qpa4360:-:::::::*
cpe:2.3:h:qualcomm:qpa5461:-:::::::*
cpe:2.3:h:qualcomm:qpa5580:-:::::::*
cpe:2.3:h:qualcomm:qpa5581:-:::::::*
cpe:2.3:h:qualcomm:qpa6560:-:::::::*
cpe:2.3:h:qualcomm:qpa8673:-:::::::*
cpe:2.3:h:qualcomm:qpa8686:-:::::::*
cpe:2.3:h:qualcomm:qpa8801:-:::::::*
cpe:2.3:h:qualcomm:qpa8802:-:::::::*
cpe:2.3:h:qualcomm:qpa8803:-:::::::*
cpe:2.3:h:qualcomm:qpa8821:-:::::::*
cpe:2.3:h:qualcomm:qpa8842:-:::::::*
cpe:2.3:h:qualcomm:qpm4621:-:::::::*
cpe:2.3:h:qualcomm:qpm4630:-:::::::*
cpe:2.3:h:qualcomm:qpm4640:-:::::::*
cpe:2.3:h:qualcomm:qpm4641:-:::::::*
cpe:2.3:h:qualcomm:qpm4650:-:::::::*
cpe:2.3:h:qualcomm:qpm5620:-:::::::*
cpe:2.3:h:qualcomm:qpm5621:-:::::::*
cpe:2.3:h:qualcomm:qpm5641:-:::::::*
cpe:2.3:h:qualcomm:qpm5657:-:::::::*
cpe:2.3:h:qualcomm:qpm5658:-:::::::*
cpe:2.3:h:qualcomm:qpm5670:-:::::::*
cpe:2.3:h:qualcomm:qpm5677:-:::::::*
cpe:2.3:h:qualcomm:qpm5679:-:::::::*
cpe:2.3:h:qualcomm:qpm5870:-:::::::*
cpe:2.3:h:qualcomm:qpm5875:-:::::::*
cpe:2.3:h:qualcomm:qpm6582:-:::::::*
cpe:2.3:h:qualcomm:qpm6585:-:::::::*
cpe:2.3:h:qualcomm:qpm6621:-:::::::*
cpe:2.3:h:qualcomm:qpm6670:-:::::::*
cpe:2.3:h:qualcomm:qpm8820:-:::::::*
cpe:2.3:h:qualcomm:qpm8830:-:::::::*
cpe:2.3:h:qualcomm:qpm8870:-:::::::*
cpe:2.3:h:qualcomm:qpm8895:-:::::::*
cpe:2.3:h:qualcomm:qsm7250:-:::::::*
cpe:2.3:h:qualcomm:qtc800h:-:::::::*
cpe:2.3:h:qualcomm:qtc800s:-:::::::*
cpe:2.3:h:qualcomm:qtc801s:-:::::::*
cpe:2.3:h:qualcomm:qtm525:-:::::::*
cpe:2.3:h:qualcomm:rsw8577:-:::::::*
cpe:2.3:h:qualcomm:sd460:-:::::::*
cpe:2.3:h:qualcomm:sd662:-:::::::*
cpe:2.3:h:qualcomm:sd750g:-:::::::*
cpe:2.3:h:qualcomm:sd765:-:::::::*
cpe:2.3:h:qualcomm:sd765g:-:::::::*
cpe:2.3:h:qualcomm:sd768g:-:::::::*
cpe:2.3:h:qualcomm:sdr425:-:::::::*
cpe:2.3:h:qualcomm:sdr660:-:::::::*
cpe:2.3:h:qualcomm:sdr735:-:::::::*
cpe:2.3:h:qualcomm:sdr735g:-:::::::*
cpe:2.3:h:qualcomm:sdr8250:-:::::::*
cpe:2.3:h:qualcomm:sdr865:-:::::::*
cpe:2.3:h:qualcomm:smb1351:-:::::::*
cpe:2.3:h:qualcomm:smb1354:-:::::::*
cpe:2.3:h:qualcomm:smb1355:-:::::::*
cpe:2.3:h:qualcomm:smb1390:-:::::::*
cpe:2.3:h:qualcomm:smb1395:-:::::::*
cpe:2.3:h:qualcomm:smb1396:-:::::::*
cpe:2.3:h:qualcomm:smb1398:-:::::::*
cpe:2.3:h:qualcomm:smr525:-:::::::*
cpe:2.3:h:qualcomm:sm7350:-:::::::*
cpe:2.3:h:qualcomm:smb1394:-:::::::*
cpe:2.3:h:qualcomm:sd6905g:-:::::::*
cpe:2.3:h:qualcomm:sd8655g:-:::::::*
cpe:2.3:h:qualcomm:sd8885g:-:::::::*
cpe:2.3:h:qualcomm:sdxr25g:-:::::::*
cpe:2.3:h:qualcomm:sm4350:-:::::::*
cpe:2.3:h:qualcomm:smr526:-:::::::*
cpe:2.3:h:qualcomm:smr545:-:::::::*
cpe:2.3:h:qualcomm:smr546:-:::::::*
cpe:2.3:h:qualcomm:wcd9335:-:::::::*
cpe:2.3:h:qualcomm:wcd9341:-:::::::*
cpe:2.3:h:qualcomm:wcd9370:-:::::::*
cpe:2.3:h:qualcomm:wcd9375:-:::::::*
cpe:2.3:h:qualcomm:wcd9380:-:::::::*
cpe:2.3:h:qualcomm:wcd9385:-:::::::*
cpe:2.3:h:qualcomm:wcn3910:-:::::::*
cpe:2.3:h:qualcomm:wcn3950:-:::::::*
cpe:2.3:h:qualcomm:wcn3980:-:::::::*
cpe:2.3:h:qualcomm:wcn3988:-:::::::*
cpe:2.3:h:qualcomm:wcn3990:-:::::::*
cpe:2.3:h:qualcomm:wcn3991:-:::::::*
cpe:2.3:h:qualcomm:wcn3998:-:::::::*
cpe:2.3:h:qualcomm:wcn6750:-:::::::*
cpe:2.3:h:qualcomm:wcn6850:-:::::::*
cpe:2.3:h:qualcomm:wcn6851:-:::::::*
cpe:2.3:h:qualcomm:wcn6856:-:::::::*
cpe:2.3:h:qualcomm:wgr7640:-:::::::*
cpe:2.3:h:qualcomm:wsa8810:-:::::::*
cpe:2.3:h:qualcomm:wsa8815:-:::::::*
cpe:2.3:h:qualcomm:wsa8830:-:::::::*
cpe:2.3:h:qualcomm:wsa8835:-:::::::*
cpe:2.3:h:qualcomm:wtr2965:-:::::::*
cpe:2.3:h:qualcomm:wtr3925:-:::::::*
cpe:2.3:h:qualcomm:wcn6740:-:::::::*

Information

Published : 2021-01-21 02:15

Updated : 2021-01-29 12:28

NVD link : CVE-2020-11217

Mitre link : CVE-2020-11217

JSON object : View

CWE

CWE-415

Double Free

Products Affected

qualcomm

wcd9335
qcs4290
qpm4650
pmk8003
sm7350
smb1396
wcn6850
qat3519
sd765
qca6391
smb1395
qdm5671
wcd9370
qdm5679
qpa8673
qdm2307
qfs2630
sm4125
qpa6560
pm8150a
smr525
qpm5677
qat5515
qca6436
sdx55m
pm8350bh
wcd9380
pmr525
pm660l
sdr8250
pm6150l
pm660a
qpm6621
qdm2310
wcn3991
qdm2305
wsa8835
qln5040
sdr660
qpa4340
sd750g
pm8150l
qet6100
sdxr25g
qsm7250
qdm5621
qdm2301
sd660
qpa8686
pmr735a
qpa5580
qpa8801
sd8885g
wtr2965
sd768g
qpa5581
pmr735b
pm8250
qpm5679
pmk7350
qdm2308
qpm4640
pmx55
pm8150c
qdm5677
qat3550
wcn6856
pm7150l
wcn3990
qpm4641
wcn3998
qtc801s
pm6150a
smb1354
qln4650
qat3522
qpa4360
qdm5670
wcn3950
smb1394
qdm5652
qat3555
sdr425
pm660
qdm4643
rsw8577
qpm6582
pmi632
sd6905g
qpm5621
qfs2530
qpm6585
pm4125
sdr735g
wcd9341
qfs2580
wcd9375
qtc800h
wcn3980
qpa8803
qat3516
qpm5620
qca6421
sdr735
qpm4630
smb1398
sdr865
wsa8815
qat3514
smr546
qpa8842
wcn6740
qat5522
qat5533
qfs2608
qca6426
sd460
smb1351
qcm2290
pmk8350
wcn6851
qpm5658
qdm3302
qbt2000
qca6431
pm8008
qcm4290
qdm4650
qat3518
pm7350c
qln4642
qet4101
smr526
qln5030
wsa8810
qpm8870
sm4350
wtr3925
pm8150b
pm6125
pm6350
qdm3301
qpa8821
qpa5461
wcn6750
qdm5579
qtm525
qpm4621
pm8350b
sd765g
smb1390
qpm5657
pmk8002
qdm5650
qpm5670
qpm8895
wgr7640
qet6110
qpm5641
smb1355
qat5568
qpa2625
qet4100
wcn3988
pm8350
smr545
qln5020
qtc800s
qpm6670
wcd9385
pm8350c
pm7150a
qpm8830
qdm5620
qpm5870
qat5516
pm7250b
qpm8820
qpm5875
qca6390
qcs2290
sd8655g
sd662
qet5100
wsa8830
pm3003a
qpa8802
pm7250
wcn3910
sm7250p
qet5100m
pm8350bhs
pm8009

7.8 /10