CVE-2020-11167: Integer Overflow
First published: Mon Dec 07 2020(Updated: )
Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| qualcomm apq8009w | ||
| Qualcomm apq8017 | ||
| qualcomm apq8037 | ||
| Qualcomm APQ8053 Firmware | ||
| Qualcomm apq8064au | ||
| Qualcomm apq8096au | ||
| Qualcomm aqt1000 | ||
| Qualcomm MSM8909W | ||
| Qualcomm msm8917 | ||
| qualcomm MSM8920 | ||
| qualcomm MSM8937 | ||
| qualcomm MSM8940 | ||
| Qualcomm msm8953 | ||
| Qualcomm MSM8996AU Firmware | ||
| Qualcomm pm215 | ||
| Qualcomm pm3003a | ||
| Qualcomm pm439 | ||
| Qualcomm pm6125 | ||
| Qualcomm pm6150 | ||
| Qualcomm pm6150a | ||
| Qualcomm pm6150l | ||
| Qualcomm pm6350 | ||
| Qualcomm pm640a | ||
| Qualcomm pm640l | ||
| Qualcomm pm640p | ||
| Qualcomm pm660 | ||
| Qualcomm pm660l | ||
| Qualcomm pm670 | ||
| Qualcomm pm670a | ||
| Qualcomm pm670l | ||
| Qualcomm pm7150a | ||
| Qualcomm pm7150l | ||
| Qualcomm pm7250 | ||
| Qualcomm pm7250b | ||
| Qualcomm pm8004 | ||
| Qualcomm pm8005 | ||
| Qualcomm pm8008 | ||
| Qualcomm pm8009 | ||
| Qualcomm pm8150a | ||
| Qualcomm pm8150b | ||
| Qualcomm pm8150c | ||
| Qualcomm pm8150l | ||
| Qualcomm pm8250 | ||
| Qualcomm pm855 | ||
| Qualcomm pm855a | ||
| Qualcomm Pm855b | ||
| Qualcomm pm855l | ||
| Qualcomm pm855p | ||
| Qualcomm pm8909 | ||
| Qualcomm pm8937 | ||
| Qualcomm PMI8940 Firmware | ||
| Qualcomm pm8953 | ||
| qualcomm pm8996 | ||
| Qualcomm pm8998 | ||
| Qualcomm pmi632 | ||
| Qualcomm pmi8937 | ||
| Qualcomm pmi8952 | ||
| qualcomm pmi8994 | ||
| qualcomm pmi8996 | ||
| Qualcomm pmi8998 | ||
| qualcomm pmk8001 | ||
| Qualcomm pmk8002 | ||
| Qualcomm pmk8003 | ||
| Qualcomm pmm855au | ||
| Qualcomm pmm8996au | ||
| Qualcomm pmr525 | ||
| Qualcomm pmr735a | ||
| Qualcomm pmr735b | ||
| Qualcomm pmw3100 | ||
| Qualcomm pmx50 | ||
| Qualcomm pmx55 | ||
| Qualcomm qat3516 | ||
| Qualcomm qat3518 | ||
| Qualcomm qat3519 | ||
| Qualcomm qat3522 | ||
| Qualcomm qat3550 | ||
| Qualcomm qat3555 | ||
| Qualcomm qat5515 | ||
| Qualcomm qat5516 | ||
| Qualcomm qat5522 | ||
| Qualcomm qat5533 | ||
| Qualcomm qbt1000 | ||
| Qualcomm qbt1500 | ||
| Qualcomm qbt2000 | ||
| Qualcomm qca6174a | ||
| qualcomm qca6175a | ||
| qualcomm qca6310 | ||
| qualcomm qca6320 | ||
| Qualcomm qca6335 | ||
| Qualcomm qca6390 | ||
| qualcomm qca6391 | ||
| Qualcomm qca6420 | ||
| qualcomm qca6421 | ||
| qualcomm qca6426 | ||
| Qualcomm qca6430 | ||
| qualcomm qca6431 | ||
| qualcomm qca6436 | ||
| Qualcomm qca6564a | ||
| qualcomm qca6564au | ||
| qualcomm qca6574 | ||
| qualcomm qca6574a | ||
| qualcomm qca6574au | ||
| qualcomm qca6595 | ||
| qualcomm qca6595au | ||
| qualcomm qca6696 | ||
| qualcomm qca9379 | ||
| Qualcomm qcs603 | ||
| Qualcomm QCS605 | ||
| Qualcomm qdm2301 | ||
| Qualcomm qdm2302 | ||
| Qualcomm qdm2305 | ||
| Qualcomm qdm2307 | ||
| Qualcomm qdm2308 | ||
| Qualcomm qdm2310 | ||
| Qualcomm qdm3301 | ||
| Qualcomm qdm5620 | ||
| Qualcomm qdm5621 | ||
| Qualcomm qdm5650 | ||
| Qualcomm qdm5652 | ||
| Qualcomm qdm5670 | ||
| Qualcomm qdm5671 | ||
| Qualcomm qdm5677 | ||
| Qualcomm qdm5679 | ||
| Qualcomm qet4100 | ||
| Qualcomm qet4101 | ||
| qualcomm qet4200aq | ||
| Qualcomm qet5100 | ||
| Qualcomm qet6100 | ||
| Qualcomm qet6110 | ||
| qualcomm qfe2080fc | ||
| qualcomm qfe2081fc | ||
| qualcomm qfe2082fc | ||
| Qualcomm qfe2101 | ||
| Qualcomm qfe2550 | ||
| qualcomm qfe3100 | ||
| qualcomm qfe3440fc | ||
| Qualcomm qfe4301 | ||
| Qualcomm qfe4302 | ||
| Qualcomm qfe4303 | ||
| Qualcomm qfe4305 | ||
| Qualcomm qfe4308 | ||
| Qualcomm qfe4309 | ||
| Qualcomm qfe4320 | ||
| Qualcomm qfe4373fc | ||
| qualcomm qfe4455fc | ||
| qualcomm qfe4465fc | ||
| Qualcomm qfs2530 | ||
| Qualcomm qfs2580 | ||
| Qualcomm qln1020 | ||
| Qualcomm qln1021aq | ||
| Qualcomm qln1030 | ||
| Qualcomm qln1031 | ||
| qualcomm qln1035bd | ||
| Qualcomm qln1036aq | ||
| Qualcomm qln4642 | ||
| Qualcomm qln4650 | ||
| Qualcomm qln5020 | ||
| Qualcomm qln5030 | ||
| Qualcomm qln5040 | ||
| Qualcomm qpa2625 | ||
| Qualcomm qpa4360 | ||
| Qualcomm qpa4361 | ||
| Qualcomm qpa5460 | ||
| Qualcomm qpa5580 | ||
| Qualcomm qpa5581 | ||
| Qualcomm qpa6560 | ||
| Qualcomm qpa8673 | ||
| Qualcomm qpa8686 | ||
| Qualcomm qpa8801 | ||
| Qualcomm qpa8802 | ||
| Qualcomm qpa8803 | ||
| Qualcomm qpa8821 | ||
| Qualcomm qpa8842 | ||
| Qualcomm qpm4650 | ||
| Qualcomm qpm5621 | ||
| Qualcomm qpm5658 | ||
| Qualcomm qpm5670 | ||
| Qualcomm qpm5677 | ||
| Qualcomm qpm5679 | ||
| Qualcomm qpm6582 | ||
| Qualcomm qpm6585 | ||
| Qualcomm qpm8820 | ||
| Qualcomm qpm8830 | ||
| Qualcomm qpm8870 | ||
| Qualcomm qpm8895 | ||
| Qualcomm qsm7250 | ||
| Qualcomm qsw6310 | ||
| Qualcomm qsw8573 | ||
| Qualcomm qsw8574 | ||
| Qualcomm qtc410s | ||
| Qualcomm qtc800h | ||
| Qualcomm qtc800s | ||
| Qualcomm qtc800t | ||
| Qualcomm qtc801s | ||
| Qualcomm qtm525 | ||
| Qualcomm qualcomm215 | ||
| Qualcomm rgr7640au | ||
| Qualcomm sa6155 | ||
| qualcomm SA6155P | ||
| Qualcomm sa8155 | ||
| Qualcomm sa8155p | ||
| Qualcomm sd205 | ||
| Qualcomm sd210 | ||
| Qualcomm sd429 | ||
| Qualcomm sd439 | ||
| Qualcomm sd450 | ||
| Qualcomm sd632 | ||
| Qualcomm sd665 | ||
| qualcomm sd675 | ||
| Qualcomm sd6905g | ||
| Qualcomm sd710 | ||
| qualcomm sd712 | ||
| Qualcomm sd750g | ||
| Qualcomm sd765 | ||
| Qualcomm sd765g | ||
| Qualcomm sd768g | ||
| qualcomm sd820 | ||
| qualcomm sd821 | ||
| Qualcomm sd835 | ||
| Qualcomm sd845 | ||
| qualcomm sd855 | ||
| Qualcomm sd8655g | ||
| Qualcomm sd8cx | ||
| qualcomm SDM429W | ||
| Qualcomm sdm830 | ||
| Qualcomm sdr051 | ||
| Qualcomm sdr052 | ||
| Qualcomm sdr660 | ||
| Qualcomm sdr660g | ||
| Qualcomm sdr735 | ||
| Qualcomm sdr8150 | ||
| Qualcomm sdr8250 | ||
| qualcomm sdr845 | ||
| Qualcomm sdr865 | ||
| qualcomm sdw2500 | ||
| Qualcomm sdx50m | ||
| Qualcomm sdx55 | ||
| Qualcomm sdx55m | ||
| qualcomm sdxr1 | ||
| qualcomm sdxr25g | ||
| qualcomm sm7250p | ||
| qualcomm smb1351 | ||
| qualcomm smb1355 | ||
| Qualcomm smb1358 | ||
| qualcomm smb1380 | ||
| qualcomm smb1381 | ||
| qualcomm smb1390 | ||
| qualcomm smb1395 | ||
| qualcomm smb1396 | ||
| qualcomm smr525 | ||
| qualcomm smr526 | ||
| Qualcomm wcd9326 | ||
| qualcomm wcd9335 | ||
| qualcomm wcd9340 | ||
| qualcomm wcd9341 | ||
| Qualcomm wcd9360 | ||
| Qualcomm wcd9370 | ||
| Qualcomm wcd9375 | ||
| qualcomm wcd9380 | ||
| qualcomm wcd9385 | ||
| Qualcomm wcn3610 | ||
| Qualcomm wcn3615 | ||
| Qualcomm wcn3620 | ||
| Qualcomm wcn3660 | ||
| Qualcomm wcn3660b | ||
| Qualcomm wcn3680 | ||
| Qualcomm wcn3680b | ||
| qualcomm wcn3950 | ||
| Qualcomm Wcn3980 | ||
| Qualcomm WCN3988 | ||
| qualcomm wcn3990 | ||
| Qualcomm WCN3991 Firmware | ||
| Qualcomm wcn3998 | ||
| qualcomm wgr7640 | ||
| qualcomm whs9410 | ||
| qualcomm wsa8810 | ||
| qualcomm wsa8815 | ||
| qualcomm wsa8830 | ||
| qualcomm wsa8835 | ||
| Qualcomm wtr2955 | ||
| qualcomm wtr2965 | ||
| qualcomm wtr3905 | ||
| qualcomm wtr3925 | ||
| qualcomm wtr3950 | ||
| Qualcomm Wtr4905 | ||
| qualcomm wtr5975 | ||
| Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://source.codeaurora.org/quic/le/platform/system/bt/commit/?id=cfdb42d512704965acd551b9ffb6de37aac51bf7
- https://source.codeaurora.org/quic/la/platform/system/bt/commit/?id=a741d8d2f59b2a090694be71cd538c821cf95ce5
- https://source.android.com/docs/security/bulletin/2020-12-01 (Advisory)
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin
Frequently Asked Questions
What is the severity of CVE-2020-11167?
CVE-2020-11167 has been classified as a high-severity vulnerability due to potential memory corruption issues.
How do I fix CVE-2020-11167?
To fix CVE-2020-11167, update to the latest available software version provided by Qualcomm or impacted device manufacturers.
What systems are affected by CVE-2020-11167?
CVE-2020-11167 affects various Snapdragon architecture products including mobile devices, automotive, and IoT devices.
What type of vulnerability is CVE-2020-11167?
CVE-2020-11167 is a memory corruption vulnerability during the processing of L2CAP packets.
Could CVE-2020-11167 lead to remote code execution?
Yes, CVE-2020-11167 has the potential to allow remote code execution due to memory corruption.
- agent/type
- agent/first-publish-date
- agent/remedy
- agent/references
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/event
- agent/last-modified-date
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- vendor/qualcomm
- canonical/qualcomm apq8009w
- canonical/qualcomm apq8017
- canonical/qualcomm apq8037
- canonical/qualcomm apq8053 firmware
- canonical/qualcomm apq8064au
- canonical/qualcomm apq8096au
- canonical/qualcomm aqt1000
- canonical/qualcomm msm8909w
- canonical/qualcomm msm8917
- canonical/qualcomm msm8920
- canonical/qualcomm msm8937
- canonical/qualcomm msm8940
- canonical/qualcomm msm8953
- canonical/qualcomm msm8996au firmware
- canonical/qualcomm pm215
- canonical/qualcomm pm3003a
- canonical/qualcomm pm439
- canonical/qualcomm pm6125
- canonical/qualcomm pm6150
- canonical/qualcomm pm6150a
- canonical/qualcomm pm6150l
- canonical/qualcomm pm6350
- canonical/qualcomm pm640a
- canonical/qualcomm pm640l
- canonical/qualcomm pm640p
- canonical/qualcomm pm660
- canonical/qualcomm pm660l
- canonical/qualcomm pm670
- canonical/qualcomm pm670a
- canonical/qualcomm pm670l
- canonical/qualcomm pm7150a
- canonical/qualcomm pm7150l
- canonical/qualcomm pm7250
- canonical/qualcomm pm7250b
- canonical/qualcomm pm8004
- canonical/qualcomm pm8005
- canonical/qualcomm pm8008
- canonical/qualcomm pm8009
- canonical/qualcomm pm8150a
- canonical/qualcomm pm8150b
- canonical/qualcomm pm8150c
- canonical/qualcomm pm8150l
- canonical/qualcomm pm8250
- canonical/qualcomm pm855
- canonical/qualcomm pm855a
- canonical/qualcomm pm855b
- canonical/qualcomm pm855l
- canonical/qualcomm pm855p
- canonical/qualcomm pm8909
- canonical/qualcomm pm8937
- canonical/qualcomm pmi8940 firmware
- canonical/qualcomm pm8953
- canonical/qualcomm pm8996
- canonical/qualcomm pm8998
- canonical/qualcomm pmi632
- canonical/qualcomm pmi8937
- canonical/qualcomm pmi8952
- canonical/qualcomm pmi8994
- canonical/qualcomm pmi8996
- canonical/qualcomm pmi8998
- canonical/qualcomm pmk8001
- canonical/qualcomm pmk8002
- canonical/qualcomm pmk8003
- canonical/qualcomm pmm855au
- canonical/qualcomm pmm8996au
- canonical/qualcomm pmr525
- canonical/qualcomm pmr735a
- canonical/qualcomm pmr735b
- canonical/qualcomm pmw3100
- canonical/qualcomm pmx50
- canonical/qualcomm pmx55
- canonical/qualcomm qat3516
- canonical/qualcomm qat3518
- canonical/qualcomm qat3519
- canonical/qualcomm qat3522
- canonical/qualcomm qat3550
- canonical/qualcomm qat3555
- canonical/qualcomm qat5515
- canonical/qualcomm qat5516
- canonical/qualcomm qat5522
- canonical/qualcomm qat5533
- canonical/qualcomm qbt1000
- canonical/qualcomm qbt1500
- canonical/qualcomm qbt2000
- canonical/qualcomm qca6174a
- canonical/qualcomm qca6175a
- canonical/qualcomm qca6310
- canonical/qualcomm qca6320
- canonical/qualcomm qca6335
- canonical/qualcomm qca6390
- canonical/qualcomm qca6391
- canonical/qualcomm qca6420
- canonical/qualcomm qca6421
- canonical/qualcomm qca6426
- canonical/qualcomm qca6430
- canonical/qualcomm qca6431
- canonical/qualcomm qca6436
- canonical/qualcomm qca6564a
- canonical/qualcomm qca6564au
- canonical/qualcomm qca6574
- canonical/qualcomm qca6574a
- canonical/qualcomm qca6574au
- canonical/qualcomm qca6595
- canonical/qualcomm qca6595au
- canonical/qualcomm qca6696
- canonical/qualcomm qca9379
- canonical/qualcomm qcs603
- canonical/qualcomm qcs605
- canonical/qualcomm qdm2301
- canonical/qualcomm qdm2302
- canonical/qualcomm qdm2305
- canonical/qualcomm qdm2307
- canonical/qualcomm qdm2308
- canonical/qualcomm qdm2310
- canonical/qualcomm qdm3301
- canonical/qualcomm qdm5620
- canonical/qualcomm qdm5621
- canonical/qualcomm qdm5650
- canonical/qualcomm qdm5652
- canonical/qualcomm qdm5670
- canonical/qualcomm qdm5671
- canonical/qualcomm qdm5677
- canonical/qualcomm qdm5679
- canonical/qualcomm qet4100
- canonical/qualcomm qet4101
- canonical/qualcomm qet4200aq
- canonical/qualcomm qet5100
- canonical/qualcomm qet6100
- canonical/qualcomm qet6110
- canonical/qualcomm qfe2080fc
- canonical/qualcomm qfe2081fc
- canonical/qualcomm qfe2082fc
- canonical/qualcomm qfe2101
- canonical/qualcomm qfe2550
- canonical/qualcomm qfe3100
- canonical/qualcomm qfe3440fc
- canonical/qualcomm qfe4301
- canonical/qualcomm qfe4302
- canonical/qualcomm qfe4303
- canonical/qualcomm qfe4305
- canonical/qualcomm qfe4308
- canonical/qualcomm qfe4309
- canonical/qualcomm qfe4320
- canonical/qualcomm qfe4373fc
- canonical/qualcomm qfe4455fc
- canonical/qualcomm qfe4465fc
- canonical/qualcomm qfs2530
- canonical/qualcomm qfs2580
- canonical/qualcomm qln1020
- canonical/qualcomm qln1021aq
- canonical/qualcomm qln1030
- canonical/qualcomm qln1031
- canonical/qualcomm qln1035bd
- canonical/qualcomm qln1036aq
- canonical/qualcomm qln4642
- canonical/qualcomm qln4650
- canonical/qualcomm qln5020
- canonical/qualcomm qln5030
- canonical/qualcomm qln5040
- canonical/qualcomm qpa2625
- canonical/qualcomm qpa4360
- canonical/qualcomm qpa4361
- canonical/qualcomm qpa5460
- canonical/qualcomm qpa5580
- canonical/qualcomm qpa5581
- canonical/qualcomm qpa6560
- canonical/qualcomm qpa8673
- canonical/qualcomm qpa8686
- canonical/qualcomm qpa8801
- canonical/qualcomm qpa8802
- canonical/qualcomm qpa8803
- canonical/qualcomm qpa8821
- canonical/qualcomm qpa8842
- canonical/qualcomm qpm4650
- canonical/qualcomm qpm5621
- canonical/qualcomm qpm5658
- canonical/qualcomm qpm5670
- canonical/qualcomm qpm5677
- canonical/qualcomm qpm5679
- canonical/qualcomm qpm6582
- canonical/qualcomm qpm6585
- canonical/qualcomm qpm8820
- canonical/qualcomm qpm8830
- canonical/qualcomm qpm8870
- canonical/qualcomm qpm8895
- canonical/qualcomm qsm7250
- canonical/qualcomm qsw6310
- canonical/qualcomm qsw8573
- canonical/qualcomm qsw8574
- canonical/qualcomm qtc410s
- canonical/qualcomm qtc800h
- canonical/qualcomm qtc800s
- canonical/qualcomm qtc800t
- canonical/qualcomm qtc801s
- canonical/qualcomm qtm525
- canonical/qualcomm qualcomm215
- canonical/qualcomm rgr7640au
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8155
- canonical/qualcomm sa8155p
- canonical/qualcomm sd205
- canonical/qualcomm sd210
- canonical/qualcomm sd429
- canonical/qualcomm sd439
- canonical/qualcomm sd450
- canonical/qualcomm sd632
- canonical/qualcomm sd665
- canonical/qualcomm sd675
- canonical/qualcomm sd6905g
- canonical/qualcomm sd710
- canonical/qualcomm sd712
- canonical/qualcomm sd750g
- canonical/qualcomm sd765
- canonical/qualcomm sd765g
- canonical/qualcomm sd768g
- canonical/qualcomm sd820
- canonical/qualcomm sd821
- canonical/qualcomm sd835
- canonical/qualcomm sd845
- canonical/qualcomm sd855
- canonical/qualcomm sd8655g
- canonical/qualcomm sd8cx
- canonical/qualcomm sdm429w
- canonical/qualcomm sdm830
- canonical/qualcomm sdr051
- canonical/qualcomm sdr052
- canonical/qualcomm sdr660
- canonical/qualcomm sdr660g
- canonical/qualcomm sdr735
- canonical/qualcomm sdr8150
- canonical/qualcomm sdr8250
- canonical/qualcomm sdr845
- canonical/qualcomm sdr865
- canonical/qualcomm sdw2500
- canonical/qualcomm sdx50m
- canonical/qualcomm sdx55
- canonical/qualcomm sdx55m
- canonical/qualcomm sdxr1
- canonical/qualcomm sdxr25g
- canonical/qualcomm sm7250p
- canonical/qualcomm smb1351
- canonical/qualcomm smb1355
- canonical/qualcomm smb1358
- canonical/qualcomm smb1380
- canonical/qualcomm smb1381
- canonical/qualcomm smb1390
- canonical/qualcomm smb1395
- canonical/qualcomm smb1396
- canonical/qualcomm smr525
- canonical/qualcomm smr526
- canonical/qualcomm wcd9326
- canonical/qualcomm wcd9335
- canonical/qualcomm wcd9340
- canonical/qualcomm wcd9341
- canonical/qualcomm wcd9360
- canonical/qualcomm wcd9370
- canonical/qualcomm wcd9375
- canonical/qualcomm wcd9380
- canonical/qualcomm wcd9385
- canonical/qualcomm wcn3610
- canonical/qualcomm wcn3615
- canonical/qualcomm wcn3620
- canonical/qualcomm wcn3660
- canonical/qualcomm wcn3660b
- canonical/qualcomm wcn3680
- canonical/qualcomm wcn3680b
- canonical/qualcomm wcn3950
- canonical/qualcomm wcn3980
- canonical/qualcomm wcn3988
- canonical/qualcomm wcn3990
- canonical/qualcomm wcn3991 firmware
- canonical/qualcomm wcn3998
- canonical/qualcomm wgr7640
- canonical/qualcomm whs9410
- canonical/qualcomm wsa8810
- canonical/qualcomm wsa8815
- canonical/qualcomm wsa8830
- canonical/qualcomm wsa8835
- canonical/qualcomm wtr2955
- canonical/qualcomm wtr2965
- canonical/qualcomm wtr3905
- canonical/qualcomm wtr3925
- canonical/qualcomm wtr3950
- canonical/qualcomm wtr4905
- canonical/qualcomm wtr5975
- vendor/google
- canonical/android