CVE-2020-11152: Use After Free
First published: Thu Jan 21 2021(Updated: )
Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qualcomm APQ8009 | ||
| Qualcomm APQ8017 | ||
| qualcomm apq8037 firmware | ||
| Qualcomm APQ8052 | ||
| Qualcomm APQ8053 Firmware | ||
| Qualcomm APQ8056 Firmware | ||
| Qualcomm APQ8076 Firmware | ||
| Qualcomm APQ8096AU Firmware | ||
| Qualcomm AQT1000 Firmware | ||
| Qualcomm AR8031 Firmware | ||
| Qualcomm CSRA6620 | ||
| Qualcomm csra6640 firmware | ||
| Qualcomm Snapdragon 8909 | ||
| Qualcomm MSM8916 Firmware | ||
| Qualcomm MSM8917 Firmware | ||
| Qualcomm 8920 | ||
| qualcomm MSM8937 firmware | ||
| qualcomm MSM8940 firmware | ||
| Qualcomm 8952 | ||
| Qualcomm MSM8953 Firmware | ||
| Qualcomm MSM8956 Firmware | ||
| Qualcomm 8976 | ||
| Qualcomm 8976 | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm PM439 | ||
| Qualcomm pm660 firmware | ||
| Qualcomm pm660a firmware | ||
| Qualcomm PM660L Firmware | ||
| Qualcomm pm670 firmware | ||
| Qualcomm PM670A | ||
| Qualcomm PM670L Firmware | ||
| Qualcomm PM8004 Firmware | ||
| Qualcomm PM8005 Firmware | ||
| Qualcomm PM855P | ||
| Qualcomm pm855a firmware | ||
| Qualcomm PM855B | ||
| Qualcomm pm855l firmware | ||
| Qualcomm PM855P | ||
| Qualcomm PM8916 Firmware | ||
| Qualcomm MSM8937 | ||
| Qualcomm PMI8940 Firmware | ||
| Qualcomm PMI8952 Firmware | ||
| Qualcomm PM8953 Firmware | ||
| Qualcomm 8956 | ||
| Qualcomm 8998 | ||
| Qualcomm PMD9655 | ||
| Qualcomm PMI632 Firmware | ||
| Qualcomm PMI8937 | ||
| Qualcomm PM8952 | ||
| Qualcomm 8998 | ||
| Qualcomm PMM8996AU | ||
| Qualcomm PMX24 | ||
| Qualcomm PMX50 | ||
| Qualcomm qat3514 firmware | ||
| Qualcomm QAT3522 firmware | ||
| Qualcomm QAT3550 Firmware | ||
| Qualcomm QBT1000 Firmware | ||
| Qualcomm qbt1500 firmware | ||
| Qualcomm QBT2000 | ||
| Qualcomm QCA6174A Firmware | ||
| Qualcomm QCA6310 Firmware | ||
| Qualcomm QCA6320 Firmware | ||
| Qualcomm QCA6420 Firmware | ||
| Qualcomm QCA6430 firmware | ||
| Qualcomm QCA6564A Firmware | ||
| Qualcomm QCA6564A | ||
| qualcomm qca6574a firmware | ||
| Qualcomm QCA6574AU | ||
| Qualcomm QCA6584AU firmware | ||
| Qualcomm QCA8337 Firmware | ||
| Qualcomm QCA9377 Firmware | ||
| Qualcomm QCC1110 Firmware | ||
| Qualcomm QCS405 Firmware | ||
| Qualcomm QCS603 Firmware | ||
| Qualcomm QCS605 Firmware | ||
| Qualcomm QET4100 Firmware | ||
| Qualcomm QET4101 Firmware | ||
| Qualcomm QET5100 Firmware | ||
| Qualcomm QET5100M Firmware | ||
| Qualcomm QFE2080FC Firmware | ||
| Qualcomm QFE2081FC | ||
| Qualcomm QFE2082FC | ||
| Qualcomm QFE2101 Firmware | ||
| Qualcomm QFE2550 Firmware | ||
| Qualcomm QFE3100 Firmware | ||
| Qualcomm QFE3440FC Firmware | ||
| Qualcomm QFE4301 Firmware | ||
| Qualcomm QFE4302 Firmware | ||
| Qualcomm QFE4303 Firmware | ||
| Qualcomm QFE4305 firmware | ||
| Qualcomm QFE4308 Firmware | ||
| Qualcomm QFE4309 Firmware | ||
| Qualcomm QFE4320 Firmware | ||
| Qualcomm QFE4373FC Firmware | ||
| Qualcomm QFE4455FC | ||
| Qualcomm QFE4465FC | ||
| Qualcomm QLN1035BD Firmware | ||
| Qualcomm QPA4340 Firmware | ||
| Qualcomm QPA4360 Firmware | ||
| Qualcomm qpa5460 firmware | ||
| Qualcomm QSW8573 Firmware | ||
| Qualcomm QTC800H Firmware | ||
| Qualcomm QTC800S Firmware | ||
| Qualcomm QTC800T Firmware | ||
| Qualcomm QTC801S Firmware | ||
| Qualcomm RGR7640AU Firmware | ||
| Qualcomm RSW8577 | ||
| Qualcomm Snapdragon 439 | ||
| Qualcomm Snapdragon 450 | ||
| Qualcomm Snapdragon 636 | ||
| Qualcomm Snapdragon 660 | ||
| Qualcomm SD710 Firmware | ||
| Qualcomm SD 712 | ||
| Qualcomm Snapdragon 835 | ||
| Qualcomm Snapdragon 855 | ||
| Qualcomm Snapdragon 8cx | ||
| Qualcomm SDM630 Firmware | ||
| Qualcomm Snapdragon 830 | ||
| Qualcomm SDR051 Firmware | ||
| Qualcomm SDR052 | ||
| Qualcomm SDR660 | ||
| Qualcomm SDR8150 Firmware | ||
| Qualcomm SDW2500 | ||
| Qualcomm SDW3100 Firmware | ||
| Qualcomm SDX24 | ||
| Qualcomm SDX50M Firmware | ||
| Qualcomm SMB1351 Firmware | ||
| Qualcomm SMB1355 Firmware | ||
| Qualcomm SMB1358 Firmware | ||
| Qualcomm SMB1360 Firmware | ||
| Qualcomm SMB1380 Firmware | ||
| Qualcomm SMB1381 Firmware | ||
| Qualcomm SMB1390 Firmware | ||
| Qualcomm SMB231 Firmware | ||
| Qualcomm WCD9306 | ||
| Qualcomm WCD9326 Firmware | ||
| Qualcomm WCD9330 Firmware | ||
| Qualcomm WCD9335 Firmware | ||
| Qualcomm WCD9340 Firmware | ||
| Qualcomm WCD9341 Firmware | ||
| Qualcomm WCD9360 Firmware | ||
| Qualcomm WCN3610 Firmware | ||
| Qualcomm WCN3615 Firmware | ||
| Qualcomm WCN3620 Firmware | ||
| Qualcomm WCN3660B Firmware | ||
| Qualcomm WCN3680B Firmware | ||
| Qualcomm WCN3950 Firmware | ||
| Qualcomm WCN3980 | ||
| Qualcomm WCN3990 | ||
| Qualcomm wcn3998 firmware | ||
| Qualcomm WCN3999 Firmware | ||
| Qualcomm WGR7640 Firmware | ||
| Qualcomm WHS9410 | ||
| Qualcomm WSA8810 Firmware | ||
| Qualcomm WSA8815 Firmware | ||
| Qualcomm WTR2955 Firmware | ||
| Qualcomm WTR2965 | ||
| Qualcomm WTR3925L | ||
| Qualcomm WTR4905 Firmware | ||
| Qualcomm WTR5975 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-11152?
CVE-2020-11152 has been classified with a medium severity rating.
How do I fix CVE-2020-11152?
To fix CVE-2020-11152, apply the security patches provided by Qualcomm in their December 2020 security bulletin.
Which devices are affected by CVE-2020-11152?
CVE-2020-11152 affects various Qualcomm Snapdragon chipsets used in automotive, consumer IoT, and mobile devices.
Can CVE-2020-11152 be exploited remotely?
Yes, CVE-2020-11152 can potentially be exploited remotely due to its nature as a race condition in the HAL layer.
What types of products use the affected Qualcomm components in CVE-2020-11152?
Products using Snapdragon Auto, Snapdragon Compute, mobile phones, and certain IoT devices are likely to be impacted by CVE-2020-11152.
- agent/references
- agent/type
- agent/author
- agent/severity
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/qualcomm
- canonical/qualcomm apq8009
- canonical/qualcomm apq8017
- canonical/qualcomm apq8037 firmware
- canonical/qualcomm apq8052
- canonical/qualcomm apq8053 firmware
- canonical/qualcomm apq8056 firmware
- canonical/qualcomm apq8076 firmware
- canonical/qualcomm apq8096au firmware
- canonical/qualcomm aqt1000 firmware
- canonical/qualcomm ar8031 firmware
- canonical/qualcomm csra6620
- canonical/qualcomm csra6640 firmware
- canonical/qualcomm snapdragon 8909
- canonical/qualcomm msm8916 firmware
- canonical/qualcomm msm8917 firmware
- canonical/qualcomm 8920
- canonical/qualcomm msm8937 firmware
- canonical/qualcomm msm8940 firmware
- canonical/qualcomm 8952
- canonical/qualcomm msm8953 firmware
- canonical/qualcomm msm8956 firmware
- canonical/qualcomm 8976
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm pm439
- canonical/qualcomm pm660 firmware
- canonical/qualcomm pm660a firmware
- canonical/qualcomm pm660l firmware
- canonical/qualcomm pm670 firmware
- canonical/qualcomm pm670a
- canonical/qualcomm pm670l firmware
- canonical/qualcomm pm8004 firmware
- canonical/qualcomm pm8005 firmware
- canonical/qualcomm pm855p
- canonical/qualcomm pm855a firmware
- canonical/qualcomm pm855b
- canonical/qualcomm pm855l firmware
- canonical/qualcomm pm8916 firmware
- canonical/qualcomm msm8937
- canonical/qualcomm pmi8940 firmware
- canonical/qualcomm pmi8952 firmware
- canonical/qualcomm pm8953 firmware
- canonical/qualcomm 8956
- canonical/qualcomm 8998
- canonical/qualcomm pmd9655
- canonical/qualcomm pmi632 firmware
- canonical/qualcomm pmi8937
- canonical/qualcomm pm8952
- canonical/qualcomm pmm8996au
- canonical/qualcomm pmx24
- canonical/qualcomm pmx50
- canonical/qualcomm qat3514 firmware
- canonical/qualcomm qat3522 firmware
- canonical/qualcomm qat3550 firmware
- canonical/qualcomm qbt1000 firmware
- canonical/qualcomm qbt1500 firmware
- canonical/qualcomm qbt2000
- canonical/qualcomm qca6174a firmware
- canonical/qualcomm qca6310 firmware
- canonical/qualcomm qca6320 firmware
- canonical/qualcomm qca6420 firmware
- canonical/qualcomm qca6430 firmware
- canonical/qualcomm qca6564a firmware
- canonical/qualcomm qca6564a
- canonical/qualcomm qca6574a firmware
- canonical/qualcomm qca6574au
- canonical/qualcomm qca6584au firmware
- canonical/qualcomm qca8337 firmware
- canonical/qualcomm qca9377 firmware
- canonical/qualcomm qcc1110 firmware
- canonical/qualcomm qcs405 firmware
- canonical/qualcomm qcs603 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm qet4100 firmware
- canonical/qualcomm qet4101 firmware
- canonical/qualcomm qet5100 firmware
- canonical/qualcomm qet5100m firmware
- canonical/qualcomm qfe2080fc firmware
- canonical/qualcomm qfe2081fc
- canonical/qualcomm qfe2082fc
- canonical/qualcomm qfe2101 firmware
- canonical/qualcomm qfe2550 firmware
- canonical/qualcomm qfe3100 firmware
- canonical/qualcomm qfe3440fc firmware
- canonical/qualcomm qfe4301 firmware
- canonical/qualcomm qfe4302 firmware
- canonical/qualcomm qfe4303 firmware
- canonical/qualcomm qfe4305 firmware
- canonical/qualcomm qfe4308 firmware
- canonical/qualcomm qfe4309 firmware
- canonical/qualcomm qfe4320 firmware
- canonical/qualcomm qfe4373fc firmware
- canonical/qualcomm qfe4455fc
- canonical/qualcomm qfe4465fc
- canonical/qualcomm qln1035bd firmware
- canonical/qualcomm qpa4340 firmware
- canonical/qualcomm qpa4360 firmware
- canonical/qualcomm qpa5460 firmware
- canonical/qualcomm qsw8573 firmware
- canonical/qualcomm qtc800h firmware
- canonical/qualcomm qtc800s firmware
- canonical/qualcomm qtc800t firmware
- canonical/qualcomm qtc801s firmware
- canonical/qualcomm rgr7640au firmware
- canonical/qualcomm rsw8577
- canonical/qualcomm snapdragon 439
- canonical/qualcomm snapdragon 450
- canonical/qualcomm snapdragon 636
- canonical/qualcomm snapdragon 660
- canonical/qualcomm sd710 firmware
- canonical/qualcomm sd 712
- canonical/qualcomm snapdragon 835
- canonical/qualcomm snapdragon 855
- canonical/qualcomm snapdragon 8cx
- canonical/qualcomm sdm630 firmware
- canonical/qualcomm snapdragon 830
- canonical/qualcomm sdr051 firmware
- canonical/qualcomm sdr052
- canonical/qualcomm sdr660
- canonical/qualcomm sdr8150 firmware
- canonical/qualcomm sdw2500
- canonical/qualcomm sdw3100 firmware
- canonical/qualcomm sdx24
- canonical/qualcomm sdx50m firmware
- canonical/qualcomm smb1351 firmware
- canonical/qualcomm smb1355 firmware
- canonical/qualcomm smb1358 firmware
- canonical/qualcomm smb1360 firmware
- canonical/qualcomm smb1380 firmware
- canonical/qualcomm smb1381 firmware
- canonical/qualcomm smb1390 firmware
- canonical/qualcomm smb231 firmware
- canonical/qualcomm wcd9306
- canonical/qualcomm wcd9326 firmware
- canonical/qualcomm wcd9330 firmware
- canonical/qualcomm wcd9335 firmware
- canonical/qualcomm wcd9340 firmware
- canonical/qualcomm wcd9341 firmware
- canonical/qualcomm wcd9360 firmware
- canonical/qualcomm wcn3610 firmware
- canonical/qualcomm wcn3615 firmware
- canonical/qualcomm wcn3620 firmware
- canonical/qualcomm wcn3660b firmware
- canonical/qualcomm wcn3680b firmware
- canonical/qualcomm wcn3950 firmware
- canonical/qualcomm wcn3980
- canonical/qualcomm wcn3990
- canonical/qualcomm wcn3998 firmware
- canonical/qualcomm wcn3999 firmware
- canonical/qualcomm wgr7640 firmware
- canonical/qualcomm whs9410
- canonical/qualcomm wsa8810 firmware
- canonical/qualcomm wsa8815 firmware
- canonical/qualcomm wtr2955 firmware
- canonical/qualcomm wtr2965
- canonical/qualcomm wtr3925l
- canonical/qualcomm wtr4905 firmware
- canonical/qualcomm wtr5975 firmware