Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2020-11120

Published: 08/09/2020 Updated: 14/09/2020
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Qualcomm

Vulnerability Summary

u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data buffer may not be valid and will lead to use after free scenario' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, APQ8098, Bitra, Kamorta, MSM8917, MSM8953, MSM8998, QCM2150, QCS405, QCS605, QM215, Rennell, Saipan, SDM429, SDM439, SDM450, SDM632, SM6150, SM7150, SM8150, SM8250, SXR2130

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm apq8096au_firmware -

qualcomm apq8098_firmware -

qualcomm bitra_firmware -

qualcomm kamorta_firmware -

qualcomm msm8917_firmware -

qualcomm msm8953_firmware -

qualcomm msm8998_firmware -

qualcomm qcm2150_firmware -

qualcomm qcs405_firmware -

qualcomm qcs605_firmware -

qualcomm qm215_firmware -

qualcomm rennell_firmware -

qualcomm saipan_firmware -

qualcomm sdm429_firmware -

qualcomm sdm439_firmware -

qualcomm sdm450_firmware -

qualcomm sdm632_firmware -

qualcomm sm6150_firmware -

qualcomm sm7150_firmware -

qualcomm sm8150_firmware -

qualcomm sm8250_firmware -

qualcomm sxr2130_firmware -

Recent Articles

As the world descends into madness, it's good to see some things never change: Monthly Android patches
The Register • Shaun Nichols in San Francisco • 04 Aug 2020

Qualcomm bugs among the worst – including a critical hole in wireless networking Is it Patch Blues-day for Outlook? Microsoft's email client breaks worldwide, leaves everyone stumped

Google has emitted the August edition of its Android software security updates. This month's fixes include one remote-code-execution bug (CVE-2020-0240), present in the Android Framework. Google warns that the bug "could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," though isn't being exploited... yet. That flaw was the only remote-code-execution bug present in the 01 level of the security patch bundle. This is t...

Read more...

References

CWE-416https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletinhttps://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletinhttps://nvd.nist.govhttps://www.theregister.co.uk/2020/08/04/android_august_patches/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook