CVE-2020-11127: Buffer Overflow
First published: Mon Nov 02 2020(Updated: )
u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCM4290, QCS405, QCS410, QCS4290, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA845, SDA855, SDM1000, SDM640, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm 9205 Firmware | ||
| Qualcomm 9205 | ||
| Qualcomm qcm4290 firmware | ||
| Qualcomm qcm4290 | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| qualcomm qcs410 firmware | ||
| qualcomm qcs410 | ||
| Qualcomm qcs4290 firmware | ||
| Qualcomm qcs4290 | ||
| qualcomm qcs610 firmware | ||
| qualcomm qcs610 | ||
| Qualcomm qsm8250 firmware | ||
| Qualcomm qsm8250 | ||
| Qualcomm sa415m firmware | ||
| Qualcomm sa415m | ||
| Qualcomm sa515m firmware | ||
| Qualcomm sa515m | ||
| Qualcomm sa6145p firmware | ||
| Qualcomm sa6145p | ||
| Qualcomm sa6150p firmware | ||
| Qualcomm sa6150p | ||
| Qualcomm sa6155 firmware | ||
| Qualcomm sa6155 | ||
| Qualcomm Sa6155p Firmware | ||
| qualcomm SA6155P | ||
| Qualcomm sa8150p firmware | ||
| Qualcomm sa8150p | ||
| Qualcomm sa8155 firmware | ||
| Qualcomm sa8155 | ||
| Qualcomm sa8155p firmware | ||
| Qualcomm sa8155p | ||
| Qualcomm sa8195p firmware | ||
| Qualcomm sa8195p | ||
| Qualcomm SC7180P Firmware | ||
| Qualcomm SC7180P Firmware | ||
| qualcomm SC8180X firmware | ||
| qualcomm SC8180X | ||
| Qualcomm sdx55 firmware | ||
| Qualcomm sdx55 | ||
| qualcomm SC8180XP firmware | ||
| qualcomm SC8180XP | ||
| qualcomm SDA640 firmware | ||
| qualcomm SDA640 | ||
| qualcomm sda845 firmware | ||
| qualcomm sda845 | ||
| qualcomm SDA855 firmware | ||
| qualcomm SDA855 | ||
| qualcomm SDM1000 firmware | ||
| qualcomm SDM1000 | ||
| qualcomm SDM640 firmware | ||
| qualcomm SDM640 | ||
| Qualcomm sdm830 firmware | ||
| Qualcomm sdm830 | ||
| qualcomm SDM845 firmware | ||
| qualcomm SDM845 | ||
| qualcomm sdm850 firmware | ||
| qualcomm sdm850 | ||
| Qualcomm sdx24 firmware | ||
| Qualcomm sdx24 | ||
| Qualcomm sdx50m firmware | ||
| Qualcomm sdx50m | ||
| Qualcomm sdx55m firmware | ||
| Qualcomm sdx55m | ||
| Qualcomm sm4125 firmware | ||
| Qualcomm sm4125 | ||
| qualcomm SM4250 firmware | ||
| qualcomm SM4250 | ||
| qualcomm SM4250P firmware | ||
| qualcomm SM4250P | ||
| qualcomm sm6115 firmware | ||
| qualcomm sm6115 | ||
| qualcomm SM6115P firmware | ||
| qualcomm SM6115P | ||
| Qualcomm SM6150 | ||
| Qualcomm SM6150 Firmware | ||
| qualcomm SM6150P firmware | ||
| qualcomm SM6150P | ||
| Qualcomm sm6250 firmware | ||
| Qualcomm sm6250 | ||
| Qualcomm sm6250p firmware | ||
| Qualcomm sm6250p | ||
| qualcomm sm6350 firmware | ||
| qualcomm sm6350 | ||
| qualcomm sm7125 firmware | ||
| qualcomm sm7125 | ||
| Qualcomm SM7150 Firmware | ||
| qualcomm SM7150 firmware | ||
| qualcomm SM7150P firmware | ||
| qualcomm SM7150P | ||
| qualcomm sm7225 firmware | ||
| qualcomm sm7225 | ||
| qualcomm sm7250 firmware | ||
| qualcomm sm7250 | ||
| qualcomm sm7250p firmware | ||
| qualcomm sm7250p | ||
| qualcomm SM8150 firmware | ||
| qualcomm SM8150 | ||
| qualcomm SM8150P firmware | ||
| qualcomm SM8150P | ||
| qualcomm SM8250 firmware | ||
| Qualcomm SM8250 | ||
| qualcomm SXR2130 firmware | ||
| qualcomm SXR2130 | ||
| qualcomm SXR2130P firmware | ||
| qualcomm SXR2130P | ||
| Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-11127?
CVE-2020-11127 has a high severity rating due to the potential for buffer overflow leading to arbitrary code execution.
How do I fix CVE-2020-11127?
Updating the affected Qualcomm firmware or applying the security patches provided by the vendor will mitigate CVE-2020-11127.
What products are affected by CVE-2020-11127?
CVE-2020-11127 affects multiple Qualcomm products including Snapdragon Auto and Snapdragon Compute firmware.
Can CVE-2020-11127 lead to remote exploitation?
Yes, CVE-2020-11127 can potentially be exploited remotely if an attacker can send malicious inputs to the affected components.
Is CVE-2020-11127 specific to certain Android versions?
CVE-2020-11127 is relevant to Android devices using the Qualcomm chipsets mentioned, particularly those running vulnerable firmware versions.
- agent/type
- agent/first-publish-date
- agent/references
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- vendor/qualcomm
- canonical/qualcomm 9205 firmware
- canonical/qualcomm 9205
- canonical/qualcomm qcm4290 firmware
- canonical/qualcomm qcm4290
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm qcs410 firmware
- canonical/qualcomm qcs410
- canonical/qualcomm qcs4290 firmware
- canonical/qualcomm qcs4290
- canonical/qualcomm qcs610 firmware
- canonical/qualcomm qcs610
- canonical/qualcomm qsm8250 firmware
- canonical/qualcomm qsm8250
- canonical/qualcomm sa415m firmware
- canonical/qualcomm sa415m
- canonical/qualcomm sa515m firmware
- canonical/qualcomm sa515m
- canonical/qualcomm sa6145p firmware
- canonical/qualcomm sa6145p
- canonical/qualcomm sa6150p firmware
- canonical/qualcomm sa6150p
- canonical/qualcomm sa6155 firmware
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155p firmware
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8150p firmware
- canonical/qualcomm sa8150p
- canonical/qualcomm sa8155 firmware
- canonical/qualcomm sa8155
- canonical/qualcomm sa8155p firmware
- canonical/qualcomm sa8155p
- canonical/qualcomm sa8195p firmware
- canonical/qualcomm sa8195p
- canonical/qualcomm sc7180p firmware
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sdx55
- canonical/qualcomm sc8180xp firmware
- canonical/qualcomm sc8180xp
- canonical/qualcomm sda640 firmware
- canonical/qualcomm sda640
- canonical/qualcomm sda845 firmware
- canonical/qualcomm sda845
- canonical/qualcomm sda855 firmware
- canonical/qualcomm sda855
- canonical/qualcomm sdm1000 firmware
- canonical/qualcomm sdm1000
- canonical/qualcomm sdm640 firmware
- canonical/qualcomm sdm640
- canonical/qualcomm sdm830 firmware
- canonical/qualcomm sdm830
- canonical/qualcomm sdm845 firmware
- canonical/qualcomm sdm845
- canonical/qualcomm sdm850 firmware
- canonical/qualcomm sdm850
- canonical/qualcomm sdx24 firmware
- canonical/qualcomm sdx24
- canonical/qualcomm sdx50m firmware
- canonical/qualcomm sdx50m
- canonical/qualcomm sdx55m firmware
- canonical/qualcomm sdx55m
- canonical/qualcomm sm4125 firmware
- canonical/qualcomm sm4125
- canonical/qualcomm sm4250 firmware
- canonical/qualcomm sm4250
- canonical/qualcomm sm4250p firmware
- canonical/qualcomm sm4250p
- canonical/qualcomm sm6115 firmware
- canonical/qualcomm sm6115
- canonical/qualcomm sm6115p firmware
- canonical/qualcomm sm6115p
- canonical/qualcomm sm6150
- canonical/qualcomm sm6150 firmware
- canonical/qualcomm sm6150p firmware
- canonical/qualcomm sm6150p
- canonical/qualcomm sm6250 firmware
- canonical/qualcomm sm6250
- canonical/qualcomm sm6250p firmware
- canonical/qualcomm sm6250p
- canonical/qualcomm sm6350 firmware
- canonical/qualcomm sm6350
- canonical/qualcomm sm7125 firmware
- canonical/qualcomm sm7125
- canonical/qualcomm sm7150 firmware
- canonical/qualcomm sm7150p firmware
- canonical/qualcomm sm7150p
- canonical/qualcomm sm7225 firmware
- canonical/qualcomm sm7225
- canonical/qualcomm sm7250 firmware
- canonical/qualcomm sm7250
- canonical/qualcomm sm7250p firmware
- canonical/qualcomm sm7250p
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sm8150
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150p
- canonical/qualcomm sm8250 firmware
- canonical/qualcomm sm8250
- canonical/qualcomm sxr2130 firmware
- canonical/qualcomm sxr2130
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130p
- vendor/google
- canonical/android