What is the severity of CVE-2017-11076?

CVE-2017-11076 has been classified with a high severity due to the potential for invalid memory access leading to exploitation.

How do I fix CVE-2017-11076?

To fix CVE-2017-11076, ensure you update to the latest firmware provided by Qualcomm for the affected hardware revisions.

Which Qualcomm products are affected by CVE-2017-11076?

CVE-2017-11076 affects specific Qualcomm hardware revisions that support VP9 decoding with hardware acceleration.

Can CVE-2017-11076 lead to a system crash?

Yes, CVE-2017-11076 can potentially lead to a system crash due to invalid memory access by the decoder.

Is CVE-2017-11076 publicly disclosed?

Yes, CVE-2017-11076 has been publicly disclosed in security bulletins related to Qualcomm firmware vulnerabilities.

Vulnerability/
CVE-2017-11076

critical

9.8

CWE

823 119

26/11/2024

9/1/2025

CVE-2017-11076: Use of Out-of-range Pointer Offset in Video

First published: Tue Nov 26 2024(Updated: )

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
All of
Qualcomm MSM8909W
Qualcomm Snapdragon 8909
All of
qualcomm MSM8996AU firmware
Qualcomm MSM8996AU Firmware
All of
Qualcomm SD210 Firmware
Qualcomm SD 210 Firmware
All of
Qualcomm SD 212
Qualcomm SD 212 Firmware
All of
Qualcomm SD205 Firmware
Qualcomm SD205 Firmware
All of
Qualcomm SDR425 Firmware
Qualcomm Snapdragon 425
All of
Qualcomm SD427 Firmware
Qualcomm SD 427 firmware
All of
Qualcomm SD 430 Firmware
Qualcomm SD 430 Firmware
All of
qualcomm sd435 firmware
Qualcomm Snapdragon 435
All of
Qualcomm SDM450 Firmware
Qualcomm SDM450
All of
Qualcomm SD615 Firmware
Qualcomm Snapdragon 615
All of
Qualcomm SD 616 Firmware
Qualcomm Snapdragon 616
All of
Qualcomm Snapdragon 415 Firmware
Qualcomm Snapdragon 415
All of
Qualcomm SD 625 Firmware
Qualcomm Snapdragon 625
All of
Qualcomm Snapdragon 810 Firmware
Qualcomm Snapdragon 810
All of
Qualcomm SD820 Firmware
Qualcomm SD820 Firmware
All of
Qualcomm SD820A Firmware
Qualcomm SD820A Firmware
All of
Qualcomm SD835 Firmware
Qualcomm Snapdragon 835
All of
Qualcomm SDA845 Firmware
Qualcomm SD845
All of
Qualcomm SDM429W
Qualcomm SD429
All of
qualcomm SDM439 firmware
Qualcomm SDM439 Firmware
All of
qualcomm SDM630 firmware
qualcomm SDM630
All of
Qualcomm SDM632
Qualcomm SDM632
All of
Qualcomm SD 636 Firmware
Qualcomm SDM636 Firmware
All of
Qualcomm SD660 Firmware
Qualcomm Snapdragon 660
All of
Qualcomm SD710 Firmware
Qualcomm Snapdragon 710
All of
Qualcomm Snapdragon High Med 2016
Qualcomm Snapdragon High Med 2016 Firmware

Never miss a vulnerability like this again

Reference Links

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html

Frequently Asked Questions

What is the severity of CVE-2017-11076?
CVE-2017-11076 has been classified with a high severity due to the potential for invalid memory access leading to exploitation.
How do I fix CVE-2017-11076?
To fix CVE-2017-11076, ensure you update to the latest firmware provided by Qualcomm for the affected hardware revisions.
Which Qualcomm products are affected by CVE-2017-11076?
CVE-2017-11076 affects specific Qualcomm hardware revisions that support VP9 decoding with hardware acceleration.
Can CVE-2017-11076 lead to a system crash?
Yes, CVE-2017-11076 can potentially lead to a system crash due to invalid memory access by the decoder.
Is CVE-2017-11076 publicly disclosed?
Yes, CVE-2017-11076 has been publicly disclosed in security bulletins related to Qualcomm firmware vulnerabilities.

agent/title
agent/references
agent/first-publish-date
agent/type
agent/description
agent/severity
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/source
agent/tags
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/qualcomm
canonical/qualcomm msm8909w
canonical/qualcomm snapdragon 8909
canonical/qualcomm msm8996au firmware
canonical/qualcomm sd210 firmware
canonical/qualcomm sd 210 firmware
canonical/qualcomm sd 212
canonical/qualcomm sd 212 firmware
canonical/qualcomm sd205 firmware
canonical/qualcomm sdr425 firmware
canonical/qualcomm snapdragon 425
canonical/qualcomm sd427 firmware
canonical/qualcomm sd 427 firmware
canonical/qualcomm sd 430 firmware
canonical/qualcomm sd435 firmware
canonical/qualcomm snapdragon 435
canonical/qualcomm sdm450 firmware
canonical/qualcomm sdm450
canonical/qualcomm sd615 firmware
canonical/qualcomm snapdragon 615
canonical/qualcomm sd 616 firmware
canonical/qualcomm snapdragon 616
canonical/qualcomm snapdragon 415 firmware
canonical/qualcomm snapdragon 415
canonical/qualcomm sd 625 firmware
canonical/qualcomm snapdragon 625
canonical/qualcomm snapdragon 810 firmware
canonical/qualcomm snapdragon 810
canonical/qualcomm sd820 firmware
canonical/qualcomm sd820a firmware
canonical/qualcomm sd835 firmware
canonical/qualcomm snapdragon 835
canonical/qualcomm sda845 firmware
canonical/qualcomm sd845
canonical/qualcomm sdm429w
canonical/qualcomm sd429
canonical/qualcomm sdm439 firmware
canonical/qualcomm sdm630 firmware
canonical/qualcomm sdm630
canonical/qualcomm sdm632
canonical/qualcomm sd 636 firmware
canonical/qualcomm sdm636 firmware
canonical/qualcomm sd660 firmware
canonical/qualcomm snapdragon 660
canonical/qualcomm sd710 firmware
canonical/qualcomm snapdragon 710
canonical/qualcomm snapdragon high med 2016
canonical/qualcomm snapdragon high med 2016 firmware