CVE: CVE-2020-11127

Descrizione: u’Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCM4290, QCS405, QCS410, QCS4290, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA845, SDA855, SDM1000, SDM640, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P

Vettore di attacco

Riferimenti esterni

• https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin

Prodotti interessati

• Qualcomm, Inc. – Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Relazioni con altri prodotti

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Mobile
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Auto
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Compute
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Consumer IOT
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Industrial IOT
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Voice & Music
Anno: 2020
CWE:
CVSS: 0.0

Produttore:Qualcomm, Inc.
Prodotto: Snapdragon Wired Infrastructure and Networking
Anno: 2020
CWE:
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2020)