CVE-2020-11130: Buffer Overflow
First published: Thu Nov 12 2020(Updated: )
u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm QCM4290 | ||
| Qualcomm QCM4290 Firmware | ||
| Qualcomm QCS4290 Firmware | ||
| Qualcomm QCS4290 Firmware | ||
| Qualcomm 215 Firmware | ||
| Qualcomm 215 | ||
| Qualcomm SM8350 Firmware | ||
| Qualcomm QSM8350 Firmware | ||
| Qualcomm SA6145P Firmware | ||
| Qualcomm SA6145P Firmware | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155 Firmware | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155P | ||
| Qualcomm SA8155P Firmware | ||
| Qualcomm SA8155 Firmware | ||
| Qualcomm SA8155 | ||
| Qualcomm SA8155P Firmware | ||
| qualcomm SC8180X firmware | ||
| Qualcomm SC8180X | ||
| qualcomm SC8180XP firmware | ||
| Qualcomm SC8180XP-AA | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SDX55 Firmware | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SDX55M Firmware | ||
| qualcomm sm4250-aa firmware | ||
| Qualcomm SM4250 Firmware | ||
| qualcomm SM4250P firmware | ||
| Qualcomm SA4250P | ||
| Qualcomm SM6115 | ||
| Qualcomm SM6115 Firmware | ||
| qualcomm SM6115P | ||
| qualcomm SM6115P firmware | ||
| Qualcomm SM6125 | ||
| Qualcomm SM6125 Firmware | ||
| Qualcomm SM6250P Firmware | ||
| Qualcomm SM6250 Firmware | ||
| qualcomm sm6350 firmware | ||
| qualcomm sm6350 firmware | ||
| Qualcomm SM7125 | ||
| Qualcomm SM7125 Firmware | ||
| Qualcomm SM7225 | ||
| Qualcomm SM7225 | ||
| Qualcomm QSM7250 Firmware | ||
| Qualcomm QSM7250 | ||
| Qualcomm SM7250 Firmware | ||
| Qualcomm SM7250 | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| Qualcomm SM8150 Firmware | ||
| Qualcomm SA8150P | ||
| Qualcomm SM8250 | ||
| Qualcomm qsm8250 | ||
| Qualcomm QSM8350 Firmware | ||
| Qualcomm SM8350-AC | ||
| qualcomm SM8350P firmware | ||
| Qualcomm SM8350 | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 | ||
| qualcomm SXR2130 firmware | ||
| Qualcomm SXR2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-11130.
What is the severity of CVE-2020-11130?
The severity of CVE-2020-11130 is high with a CVSS score of 7.8.
Which products are affected by CVE-2020-11130?
The affected products include Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, and SDX55M.
What is the description of CVE-2020-11130?
The vulnerability is a possible buffer overflow in the WIFI hal process, which occurs due to copying data without checking the buffer length.
Is there a fix available for CVE-2020-11130?
Yes, a fix is available for CVE-2020-11130. Please refer to the official Qualcomm bulletin at https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin for more information.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/qualcomm
- canonical/qualcomm qcm4290
- canonical/qualcomm qcm4290 firmware
- canonical/qualcomm qcs4290 firmware
- canonical/qualcomm 215 firmware
- canonical/qualcomm 215
- canonical/qualcomm sm8350 firmware
- canonical/qualcomm qsm8350 firmware
- canonical/qualcomm sa6145p firmware
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155 firmware
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8155p firmware
- canonical/qualcomm sa8155 firmware
- canonical/qualcomm sa8155
- canonical/qualcomm sc8180x firmware
- canonical/qualcomm sc8180x
- canonical/qualcomm sc8180xp firmware
- canonical/qualcomm sc8180xp-aa
- canonical/qualcomm sdx55m firmware
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sm4250-aa firmware
- canonical/qualcomm sm4250 firmware
- canonical/qualcomm sm4250p firmware
- canonical/qualcomm sa4250p
- canonical/qualcomm sm6115
- canonical/qualcomm sm6115 firmware
- canonical/qualcomm sm6115p
- canonical/qualcomm sm6115p firmware
- canonical/qualcomm sm6125
- canonical/qualcomm sm6125 firmware
- canonical/qualcomm sm6250p firmware
- canonical/qualcomm sm6250 firmware
- canonical/qualcomm sm6350 firmware
- canonical/qualcomm sm7125
- canonical/qualcomm sm7125 firmware
- canonical/qualcomm sm7225
- canonical/qualcomm qsm7250 firmware
- canonical/qualcomm qsm7250
- canonical/qualcomm sm7250 firmware
- canonical/qualcomm sm7250
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sa8150p
- canonical/qualcomm sm8250
- canonical/qualcomm qsm8250
- canonical/qualcomm sm8350-ac
- canonical/qualcomm sm8350p firmware
- canonical/qualcomm sm8350
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130
- canonical/qualcomm sxr2130 firmware