First published: Mon Oct 05 2020(Updated: )
u'Lack of handling unexpected control messages while encryption was in progress can terminate the connection and thus leading to a DoS' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8076, MDM9640, MDM9650, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, QCA6174A, QCA9886, QCM2150, QM215, SDM429, SDM439, SDM450, SDM632
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Apq8053 Firmware | ||
Qualcomm Apq8053 | ||
Qualcomm Apq8076 Firmware | ||
Qualcomm Apq8076 | ||
Qualcomm Mdm9640 Firmware | ||
Qualcomm Mdm9640 | ||
Qualcomm Mdm9650 Firmware | ||
Qualcomm Mdm9650 | ||
Qualcomm Msm8905 Firmware | ||
Qualcomm Msm8905 | ||
Qualcomm Msm8917 Firmware | ||
Qualcomm Msm8917 | ||
Qualcomm Msm8937 Firmware | ||
Google Android | ||
Qualcomm Msm8940 Firmware | ||
Qualcomm Msm8940 | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Qca9886 Firmware | ||
Qualcomm Qca9886 | ||
Qualcomm Qcm2150 Firmware | ||
Google Android | ||
Qualcomm Qm215 Firmware | ||
Qualcomm Qm215 | ||
Google Android | ||
Google Android | ||
Qualcomm Sdm439 Firmware | ||
Qualcomm Sdm439 | ||
Google Android | ||
Qualcomm SDM450 | ||
Qualcomm Sdm632 Firmware | ||
Qualcomm Sdm632 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-11157.
The severity of CVE-2020-11157 is high.
Google Android, Qualcomm Apq8053 Firmware, Qualcomm Mdm9640 Firmware, Qualcomm Mdm9650 Firmware, Qualcomm Msm8905 Firmware, Qualcomm Msm8917 Firmware, Qualcomm Msm8937 Firmware, Qualcomm Msm8940 Firmware, Qualcomm Qca9886 Firmware, Qualcomm Qcm2150 Firmware, Qualcomm Qm215 Firmware, Qualcomm Sdm439 Firmware, and Qualcomm Sdm632 Firmware are affected by CVE-2020-11157.
CVE-2020-11157 can terminate the connection and lead to a Denial of Service (DoS) attack.
More information about CVE-2020-11157 can be found in the Android Security Bulletin for October 2020 and the Qualcomm Product Security Bulletins for October 2020.