CVE-2020-11175: Use After Free
First published: Mon Nov 02 2020(Updated: )
u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009W, MSM8909W, QCS605, QM215, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6350, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Msm8909w Firmware | ||
| Qualcomm Msm8909w | ||
| Qualcomm Qcs605 Firmware | ||
| Google Android | ||
| Qualcomm Qm215 Firmware | ||
| Qualcomm Qm215 | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sa6155p | ||
| Qualcomm Sa8155 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sda640 Firmware | ||
| Google Android | ||
| Qualcomm Sda670 Firmware | ||
| Qualcomm Sda670 | ||
| Qualcomm Sda855 Firmware | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sdm670 Firmware | ||
| Qualcomm Sdm670 | ||
| Qualcomm Sdm710 Firmware | ||
| Qualcomm Sdm710 | ||
| Qualcomm Sdm845 Firmware | ||
| Qualcomm Sdm845 | ||
| Qualcomm Sdx50m Firmware | ||
| Qualcomm Sdx50m | ||
| Qualcomm Sdx55 Firmware | ||
| Qualcomm Sdx55 | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sm6125 Firmware | ||
| Qualcomm Sm6125 | ||
| Qualcomm Sm6350 Firmware | ||
| Qualcomm Sm6350 | ||
| Qualcomm Sm7225 Firmware | ||
| Qualcomm Sm7225 | ||
| Google Android | ||
| Qualcomm Sm7250 | ||
| Google Android | ||
| Google Android | ||
| Qualcomm Sm8150 Firmware | ||
| Qualcomm Sm8150 | ||
| Google Android | ||
| Qualcomm Sm8150p | ||
| Qualcomm Sm8250 Firmware | ||
| Qualcomm SM8250 | ||
| Qualcomm Sxr1120 Firmware | ||
| Qualcomm Sxr1120 | ||
| Qualcomm Sxr1130 Firmware | ||
| Qualcomm Sxr1130 | ||
| Qualcomm Sxr2130 Firmware | ||
| Qualcomm Sxr2130 | ||
| Google Android | ||
| Qualcomm Sxr2130p |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-11175?
CVE-2020-11175 is a use after free issue in the Bluetooth transport driver that occurs when a method in the object is accessed after the object has been deleted due to improper timer handling.
Which software products are affected by CVE-2020-11175?
CVE-2020-11175 affects Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon Mobile, Snapdragon Wearables, and various Qualcomm firmware versions.
What is the severity of CVE-2020-11175?
The severity of CVE-2020-11175 is high, with a CVSS score of 7.8.
Where can I find more information about CVE-2020-11175?
More information about CVE-2020-11175 can be found on the Qualcomm Product Security Bulletin for November 2020 and the Android Security Bulletin for November 2020.
How can I mitigate the vulnerability CVE-2020-11175?
To mitigate the CVE-2020-11175 vulnerability, it is recommended to apply the necessary software updates provided by the affected vendors.
- agent/weakness
- agent/type
- agent/event
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/android-source
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/google android
- vendor/qualcomm
- canonical/qualcomm msm8909w firmware
- canonical/qualcomm msm8909w
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm qm215 firmware
- canonical/qualcomm qm215
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8155 firmware
- canonical/qualcomm sda640 firmware
- canonical/qualcomm sda670 firmware
- canonical/qualcomm sda670
- canonical/qualcomm sda855 firmware
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sdm670
- canonical/qualcomm sdm710 firmware
- canonical/qualcomm sdm710
- canonical/qualcomm sdm845 firmware
- canonical/qualcomm sdm845
- canonical/qualcomm sdx50m firmware
- canonical/qualcomm sdx50m
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sdx55
- canonical/qualcomm sm6125 firmware
- canonical/qualcomm sm6125
- canonical/qualcomm sm6350 firmware
- canonical/qualcomm sm6350
- canonical/qualcomm sm7225 firmware
- canonical/qualcomm sm7225
- canonical/qualcomm sm7250
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sm8150
- canonical/qualcomm sm8150p
- canonical/qualcomm sm8250 firmware
- canonical/qualcomm sm8250
- canonical/qualcomm sxr1120 firmware
- canonical/qualcomm sxr1120
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr2130 firmware
- canonical/qualcomm sxr2130
- canonical/qualcomm sxr2130p