high
7.8
CWE
129
Advisory Published
CVE Published
Updated

CVE-2020-11146: Out-of-bounds Read

First published: Mon Dec 07 2020(Updated: )

Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Credit: product-security@qualcomm.com

Affected SoftwareAffected VersionHow to fix
qualcomm apq8076
Qualcomm aqt1000
Qualcomm ar8031
Qualcomm ar8035
Qualcomm csra6620
Qualcomm csra6640
qualcomm MSM8937
Qualcomm Pm215
Qualcomm Pm3003a
Qualcomm Pm4125
Qualcomm Pm456
Qualcomm Pm6125
Qualcomm Pm6150
Qualcomm Pm6150a
Qualcomm Pm6150l
Qualcomm Pm6250
Qualcomm Pm6350
Qualcomm Pm640a
Qualcomm Pm640l
Qualcomm Pm640p
Qualcomm pm660
Qualcomm pm660l
Qualcomm pm670
Qualcomm pm670l
Qualcomm Pm7150a
Qualcomm Pm7150l
Qualcomm Pm7250
Qualcomm Pm7250b
Qualcomm Pm7350c
Qualcomm pm8004
Qualcomm pm8005
Qualcomm Pm8008
Qualcomm Pm8009
Qualcomm Pm8150
Qualcomm Pm8150a
Qualcomm Pm8150b
Qualcomm Pm8150c
Qualcomm Pm8150l
Qualcomm Pm8250
Qualcomm Pm8350
Qualcomm Pm8350b
Qualcomm Pm8350bh
Qualcomm Pm8350bhs
Qualcomm Pm8350c
Qualcomm pm855
Qualcomm Pm855b
Qualcomm pm855l
Qualcomm pm855p
Qualcomm Pm8909
Qualcomm pm8916
Qualcomm pm8937
qualcomm pm8952
qualcomm pm8956
Qualcomm pm8998
Qualcomm Pmc1000h
Qualcomm pmd9655
Qualcomm pmi632
Qualcomm Pmi8937
Qualcomm Pmi8952
Qualcomm Pmi8998
Qualcomm Pmk7350
Qualcomm Pmk8002
Qualcomm Pmk8003
Qualcomm Pmk8350
Qualcomm Pmm6155au
Qualcomm Pmm8155au
Qualcomm Pmm8195au
Qualcomm Pmm855au
Qualcomm Pmr525
Qualcomm Pmr735a
Qualcomm Pmr735b
Qualcomm Pmw3100
Qualcomm Pmx55
Qualcomm qat3514
Qualcomm Qat3516
Qualcomm Qat3518
Qualcomm Qat3519
Qualcomm Qat3522
Qualcomm Qat3550
Qualcomm Qat3555
Qualcomm Qat5515
Qualcomm Qat5516
Qualcomm Qat5522
Qualcomm Qat5533
Qualcomm Qat5568
Qualcomm Qbt1500
Qualcomm Qbt2000
qualcomm qca4020
Qualcomm qca6174a
qualcomm qca6175a
qualcomm qca6310
Qualcomm qca6335
Qualcomm qca6390
qualcomm qca6391
Qualcomm qca6420
qualcomm qca6421
qualcomm qca6426
Qualcomm qca6430
qualcomm qca6431
qualcomm qca6436
Qualcomm qca6564
Qualcomm qca6564a
qualcomm qca6564au
qualcomm qca6574
qualcomm qca6574a
qualcomm qca6574au
qualcomm QCA6584AU
qualcomm qca6595
qualcomm qca6595au
qualcomm qca6696
qualcomm qca8337
qualcomm qca9379
Qualcomm qcm4290
Qualcomm QCS405 Firmware
Qualcomm qcs4290
Qualcomm QCS605
Qualcomm Qdm2301
Qualcomm Qdm2302
Qualcomm Qdm2305
Qualcomm Qdm2307
Qualcomm Qdm2308
Qualcomm Qdm2310
Qualcomm Qdm3301
Qualcomm Qdm3302
Qualcomm Qdm4643
Qualcomm Qdm4650
Qualcomm Qdm5579
Qualcomm Qdm5620
Qualcomm Qdm5621
Qualcomm Qdm5650
Qualcomm Qdm5652
Qualcomm Qdm5670
Qualcomm Qdm5671
Qualcomm Qdm5677
Qualcomm Qdm5679
Qualcomm Qet4100
Qualcomm Qet4101
Qualcomm Qet4200aq
Qualcomm Qet5100
Qualcomm Qet5100m
Qualcomm Qet6100
Qualcomm Qet6110
Qualcomm Qfs2530
Qualcomm Qfs2580
Qualcomm Qfs2608
Qualcomm Qfs2630
Qualcomm Qln1020
Qualcomm Qln1021aq
Qualcomm Qln1030
Qualcomm Qln1031
Qualcomm Qln1036aq
Qualcomm Qln4640
Qualcomm Qln4642
Qualcomm Qln4650
Qualcomm Qln5020
Qualcomm Qln5030
Qualcomm Qln5040
Qualcomm Qpa2625
Qualcomm Qpa4360
Qualcomm Qpa4361
Qualcomm Qpa5461
Qualcomm Qpa5580
Qualcomm Qpa5581
Qualcomm Qpa6560
Qualcomm Qpa8673
Qualcomm Qpa8675
Qualcomm Qpa8686
Qualcomm Qpa8801
Qualcomm Qpa8802
Qualcomm Qpa8803
Qualcomm Qpa8821
Qualcomm Qpa8842
Qualcomm Qpm2630
Qualcomm Qpm4621
Qualcomm Qpm4630
Qualcomm Qpm4640
Qualcomm Qpm4641
Qualcomm Qpm4650
Qualcomm Qpm5541
Qualcomm Qpm5577
Qualcomm Qpm5579
Qualcomm Qpm5621
Qualcomm Qpm5641
Qualcomm Qpm5658
Qualcomm Qpm5670
Qualcomm Qpm5677
Qualcomm Qpm5679
Qualcomm Qpm5870
Qualcomm Qpm5875
Qualcomm Qpm6325
Qualcomm Qpm6375
Qualcomm Qpm6582
Qualcomm Qpm6585
Qualcomm Qpm6621
Qualcomm Qpm6670
Qualcomm Qpm8820
Qualcomm Qpm8830
Qualcomm Qpm8870
Qualcomm Qpm8895
Qualcomm Qsm7250
Qualcomm Qsw6310
Qualcomm Qsw8573
Qualcomm Qsw8574
Qualcomm Qtc410s
Qualcomm Qtc800h
Qualcomm Qtc800s
Qualcomm Qtc801s
Qualcomm Qtm525
Qualcomm Qtm527
Qualcomm Qualcomm215
Qualcomm sa6145p
Qualcomm sa6155
qualcomm SA6155P
Qualcomm sa8150p
Qualcomm sa8155
Qualcomm sa8155p
Qualcomm sa8195p
Qualcomm sd205
Qualcomm sd210
Qualcomm sd429
Qualcomm sd460
Qualcomm sd662
Qualcomm sd665
qualcomm sd670
qualcomm sd675
Qualcomm Sd6905g
Qualcomm sd710
Qualcomm sd720g
Qualcomm Sd730
Qualcomm sd750g
Qualcomm sd765
Qualcomm sd765g
Qualcomm sd768g
Qualcomm sd845
qualcomm sd855
Qualcomm Sd8655g
Qualcomm Sd8885g
Qualcomm Sd8c
Qualcomm Sd8cx
Qualcomm sda429w
qualcomm SDM429W
Qualcomm Sdr425
Qualcomm Sdr660
Qualcomm Sdr660g
Qualcomm Sdr675
Qualcomm Sdr735
Qualcomm Sdr735g
Qualcomm Sdr8150
Qualcomm Sdr8250
Qualcomm Sdr865
Qualcomm sdx55
Qualcomm sdx55m
qualcomm sdxr1
Qualcomm Sdxr25g
Qualcomm sm4125
Qualcomm sm6250
Qualcomm sm6250p
qualcomm sm7250p
Qualcomm Sm7350
Qualcomm Smb1351
Qualcomm Smb1354
Qualcomm Smb1355
Qualcomm Smb1380
Qualcomm Smb1381
Qualcomm Smb1390
Qualcomm Smb1394
Qualcomm Smb1395
Qualcomm Smb1396
Qualcomm Smb1398
Qualcomm Smb2351
Qualcomm Smr525
Qualcomm Smr526
Qualcomm Smr545
Qualcomm Smr546
qualcomm wcd9306
Qualcomm wcd9326
qualcomm wcd9335
qualcomm wcd9340
qualcomm wcd9341
Qualcomm wcd9370
Qualcomm wcd9371
Qualcomm wcd9375
qualcomm wcd9380
qualcomm wcd9385
Qualcomm wcn3610
Qualcomm wcn3615
Qualcomm Wcn3620
Qualcomm wcn3660b
Qualcomm Wcn3680
Qualcomm wcn3680b
Qualcomm wcn3910
qualcomm wcn3950
Qualcomm Wcn3980
Qualcomm WCN3988
qualcomm wcn3990
Qualcomm WCN3991 Firmware
Qualcomm wcn3998
Qualcomm wcn3999
qualcomm wcn6740
qualcomm wcn6750
Qualcomm WCN6850 Firmware
Qualcomm WCN6851 Firmware
qualcomm wcn6856
Qualcomm Wgr7640
qualcomm wsa8810
qualcomm wsa8815
qualcomm wsa8830
qualcomm wsa8835
Qualcomm Wtr2955
Qualcomm Wtr2965
Qualcomm Wtr3925
Qualcomm Wtr4905
Qualcomm Wtr5975
Qualcomm Wtr6955
Android

Remedy

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2020-11146?

    CVE-2020-11146 has a severity rating of high due to the potential for denial of service and data corruption.

  • How do I fix CVE-2020-11146?

    To fix CVE-2020-11146, apply the latest patches and firmware updates provided by Qualcomm and your device manufacturer.

  • What devices are affected by CVE-2020-11146?

    CVE-2020-11146 affects a wide range of Qualcomm Snapdragon products, including those used in mobile and IoT devices.

  • What happens if CVE-2020-11146 is exploited?

    If exploited, CVE-2020-11146 could allow an attacker to perform out-of-bounds write operations resulting in system instability.

  • Is CVE-2020-11146 fixable by end users?

    Yes, end users can mitigate CVE-2020-11146 by ensuring that their device is updated with the latest software patches.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203