CVE-2020-11175: Use After Free
First published: Mon Nov 02 2020(Updated: )
u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009W, MSM8909W, QCS605, QM215, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6350, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm APQ8009 Firmware | ||
| Qualcomm APQ8009 | ||
| Qualcomm MSM8909W | ||
| Qualcomm Snapdragon 8909 | ||
| Qualcomm ZZ QCS605 firmware | ||
| Qualcomm QCS605 Firmware | ||
| Qualcomm 215 Firmware | ||
| Qualcomm 215 | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155 Firmware | ||
| Qualcomm SA6155 | ||
| Qualcomm SA6155P | ||
| Qualcomm SA8155P Firmware | ||
| Qualcomm SA8155 Firmware | ||
| Qualcomm SA8155 | ||
| Qualcomm SA8155P Firmware | ||
| Qualcomm SDA640 | ||
| Qualcomm SDA640 Firmware | ||
| Qualcomm SDA670 | ||
| Qualcomm SDA670 | ||
| Qualcomm SDA855 Firmware | ||
| Qualcomm SDA855 Firmware | ||
| Qualcomm SDM1000 Firmware | ||
| Qualcomm SDM1000 Firmware | ||
| qualcomm SDM640 firmware | ||
| Qualcomm SDM640 | ||
| Qualcomm SD 670 Firmware | ||
| Qualcomm SDM670 Firmware | ||
| Qualcomm SD710 Firmware | ||
| Qualcomm Snapdragon 710 | ||
| Qualcomm SDA/SDM845 Firmware | ||
| Qualcomm Snapdragon 845 | ||
| Qualcomm SDX50M Firmware | ||
| Qualcomm SDX50M Firmware | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SDX55 Firmware | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SDX55M Firmware | ||
| Qualcomm SM6125 | ||
| Qualcomm SM6125 Firmware | ||
| qualcomm sm6350 firmware | ||
| qualcomm sm6350 firmware | ||
| Qualcomm SM7225 | ||
| Qualcomm SM7225 | ||
| Qualcomm QSM7250 Firmware | ||
| Qualcomm QSM7250 | ||
| Qualcomm SM7250 Firmware | ||
| Qualcomm SM7250 | ||
| Qualcomm SM8150P Firmware | ||
| Qualcomm SM8150 Fusion | ||
| Qualcomm SM8150 Firmware | ||
| Qualcomm SA8150P | ||
| Qualcomm SM8250 | ||
| Qualcomm qsm8250 | ||
| Qualcomm SXR1120 | ||
| Qualcomm SXR1120 | ||
| Qualcomm SXR1130 | ||
| Qualcomm SXR1130 Firmware | ||
| qualcomm SXR2130P firmware | ||
| Qualcomm SXR2130 | ||
| qualcomm SXR2130 firmware | ||
| Qualcomm SXR2130 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-11175?
CVE-2020-11175 is a use after free issue in the Bluetooth transport driver that occurs when a method in the object is accessed after the object has been deleted due to improper timer handling.
Which software products are affected by CVE-2020-11175?
CVE-2020-11175 affects Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon Mobile, Snapdragon Wearables, and various Qualcomm firmware versions.
What is the severity of CVE-2020-11175?
The severity of CVE-2020-11175 is high, with a CVSS score of 7.8.
Where can I find more information about CVE-2020-11175?
More information about CVE-2020-11175 can be found on the Qualcomm Product Security Bulletin for November 2020 and the Android Security Bulletin for November 2020.
How can I mitigate the vulnerability CVE-2020-11175?
To mitigate the CVE-2020-11175 vulnerability, it is recommended to apply the necessary software updates provided by the affected vendors.
- agent/type
- agent/first-publish-date
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm apq8009 firmware
- canonical/qualcomm apq8009
- canonical/qualcomm msm8909w
- canonical/qualcomm snapdragon 8909
- canonical/qualcomm zz qcs605 firmware
- canonical/qualcomm qcs605 firmware
- canonical/qualcomm 215 firmware
- canonical/qualcomm 215
- canonical/qualcomm sa6155
- canonical/qualcomm sa6155 firmware
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8155p firmware
- canonical/qualcomm sa8155 firmware
- canonical/qualcomm sa8155
- canonical/qualcomm sda640
- canonical/qualcomm sda640 firmware
- canonical/qualcomm sda670
- canonical/qualcomm sda855 firmware
- canonical/qualcomm sdm1000 firmware
- canonical/qualcomm sdm640 firmware
- canonical/qualcomm sdm640
- canonical/qualcomm sd 670 firmware
- canonical/qualcomm sdm670 firmware
- canonical/qualcomm sd710 firmware
- canonical/qualcomm snapdragon 710
- canonical/qualcomm sda/sdm845 firmware
- canonical/qualcomm snapdragon 845
- canonical/qualcomm sdx50m firmware
- canonical/qualcomm sdx55m firmware
- canonical/qualcomm sdx55 firmware
- canonical/qualcomm sm6125
- canonical/qualcomm sm6125 firmware
- canonical/qualcomm sm6350 firmware
- canonical/qualcomm sm7225
- canonical/qualcomm qsm7250 firmware
- canonical/qualcomm qsm7250
- canonical/qualcomm sm7250 firmware
- canonical/qualcomm sm7250
- canonical/qualcomm sm8150p firmware
- canonical/qualcomm sm8150 fusion
- canonical/qualcomm sm8150 firmware
- canonical/qualcomm sa8150p
- canonical/qualcomm sm8250
- canonical/qualcomm qsm8250
- canonical/qualcomm sxr1120
- canonical/qualcomm sxr1130
- canonical/qualcomm sxr1130 firmware
- canonical/qualcomm sxr2130p firmware
- canonical/qualcomm sxr2130
- canonical/qualcomm sxr2130 firmware