What is CVE-2020-11172?

CVE-2020-11172 is a vulnerability that allows an attacker to cause a stack overflow by reading a string from a file and storing its contents on a statically allocated stack memory.

What is the severity of CVE-2020-11172?

CVE-2020-11172 has a severity rating of 9.8, which is considered critical.

How can I fix CVE-2020-11172?

To fix CVE-2020-11172, it is recommended to apply the security updates provided by Qualcomm and follow the guidelines mentioned in their bulletins.

Where can I find more information about CVE-2020-11172?

More information about CVE-2020-11172 can be found on the Qualcomm website in their October 2020 security bulletins.

Vulnerability/
CVE-2020-11172

critical

9.8

CWE

120

2/11/2020

21/7/2021

CVE-2020-11172

First published: Mon Nov 02 2020(Updated: )

u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA9531, QCA9980

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Qualcomm Ipq4019 Firmware
Qualcomm Ipq4019
Google Android
Qualcomm Ipq6018
Qualcomm Ipq8064 Firmware
Qualcomm Ipq8064
Qualcomm Ipq8074 Firmware
Qualcomm Ipq8074
Qualcomm Qca9531 Firmware
Qualcomm Qca9531
Qualcomm Qca9980 Firmware
Qualcomm Qca9980

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2020-11172?
CVE-2020-11172 is a vulnerability that allows an attacker to cause a stack overflow by reading a string from a file and storing its contents on a statically allocated stack memory.
How does CVE-2020-11172 affect Qualcomm Snapdragon Wired Infrastructure and Networking?
CVE-2020-11172 affects Qualcomm Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA9531, and QCA9980.
What is the severity of CVE-2020-11172?
CVE-2020-11172 has a severity rating of 9.8, which is considered critical.
How can I fix CVE-2020-11172?
To fix CVE-2020-11172, it is recommended to apply the security updates provided by Qualcomm and follow the guidelines mentioned in their bulletins.
Where can I find more information about CVE-2020-11172?
More information about CVE-2020-11172 can be found on the Qualcomm website in their October 2020 security bulletins.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.