CVE-2020-11185
First published: Mon Dec 07 2020(Updated: )
Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| qualcomm ar9380 | ||
| qualcomm csr8811 | ||
| qualcomm ipq4018 | ||
| Qualcomm IPQ4019 Firmware | ||
| qualcomm ipq4028 | ||
| qualcomm ipq4029 | ||
| qualcomm ipq6000 | ||
| qualcomm ipq6005 | ||
| qualcomm ipq6010 | ||
| qualcomm ipq6018 | ||
| qualcomm ipq6028 | ||
| qualcomm IPQ8064 firmware | ||
| qualcomm ipq8065 | ||
| qualcomm ipq8068 | ||
| Qualcomm Ipq8070 | ||
| qualcomm ipq8070a | ||
| qualcomm ipq8071 | ||
| qualcomm ipq8071a | ||
| qualcomm ipq8072 | ||
| qualcomm ipq8072a | ||
| qualcomm IPQ8074 | ||
| qualcomm ipq8074a | ||
| qualcomm ipq8076 | ||
| qualcomm ipq8076a | ||
| qualcomm ipq8078 | ||
| qualcomm ipq8078a | ||
| qualcomm ipq8173 | ||
| qualcomm ipq8174 | ||
| Qualcomm Pm3003a | ||
| Qualcomm Pm7350c | ||
| Qualcomm Pm8008 | ||
| Qualcomm Pm8009 | ||
| Qualcomm Pm8350 | ||
| Qualcomm Pm8350b | ||
| Qualcomm Pm8350bh | ||
| Qualcomm Pm8350bhs | ||
| Qualcomm Pm8350c | ||
| Qualcomm Pmk7350 | ||
| Qualcomm Pmk8002 | ||
| Qualcomm Pmk8350 | ||
| Qualcomm Pmm6155au | ||
| Qualcomm Pmm8155au | ||
| Qualcomm Pmm8195au | ||
| Qualcomm Pmm855au | ||
| Qualcomm Pmr525 | ||
| Qualcomm Pmr735a | ||
| Qualcomm Pmr735b | ||
| Qualcomm Pmx55 | ||
| Qualcomm qat3514 | ||
| Qualcomm Qat3516 | ||
| Qualcomm Qat3518 | ||
| Qualcomm Qat3519 | ||
| Qualcomm Qat3555 | ||
| Qualcomm Qat5515 | ||
| Qualcomm Qat5516 | ||
| Qualcomm Qat5522 | ||
| Qualcomm Qat5568 | ||
| qualcomm qca4024 | ||
| qualcomm qca6175a | ||
| Qualcomm qca6390 | ||
| qualcomm qca6391 | ||
| qualcomm qca6428 | ||
| qualcomm qca6438 | ||
| Qualcomm qca6564a | ||
| qualcomm qca6564au | ||
| qualcomm qca6574 | ||
| qualcomm qca6574a | ||
| qualcomm qca6574au | ||
| qualcomm QCA6584AU | ||
| qualcomm qca6595 | ||
| qualcomm qca6595au | ||
| qualcomm qca6696 | ||
| qualcomm qca7500 | ||
| qualcomm qca8072 | ||
| qualcomm qca8075 | ||
| qualcomm QCA8081 | ||
| qualcomm qca9880 | ||
| qualcomm QCA9886 | ||
| qualcomm qca9888 | ||
| qualcomm qca9889 | ||
| qualcomm qca9898 | ||
| qualcomm qca9980 | ||
| qualcomm qca9984 | ||
| qualcomm qca9985 | ||
| qualcomm qca9990 | ||
| qualcomm qca9992 | ||
| qualcomm qca9994 | ||
| qualcomm qcn5021 | ||
| qualcomm qcn5022 | ||
| qualcomm qcn5024 | ||
| qualcomm qcn5052 | ||
| qualcomm qcn5054 | ||
| qualcomm qcn5064 | ||
| qualcomm qcn5121 | ||
| qualcomm qcn5122 | ||
| qualcomm qcn5124 | ||
| qualcomm qcn5152 | ||
| qualcomm qcn5154 | ||
| qualcomm qcn5164 | ||
| qualcomm qcn5550 | ||
| qualcomm qcn7605 | ||
| qualcomm qcn7606 | ||
| qualcomm qcn9000 | ||
| qualcomm qcn9074 | ||
| Qualcomm Qdm2307 | ||
| Qualcomm Qdm2308 | ||
| Qualcomm Qdm2310 | ||
| Qualcomm Qdm3301 | ||
| Qualcomm Qdm3302 | ||
| Qualcomm Qdm4643 | ||
| Qualcomm Qdm4650 | ||
| Qualcomm Qdm5579 | ||
| Qualcomm Qdm5620 | ||
| Qualcomm Qdm5621 | ||
| Qualcomm Qdm5670 | ||
| Qualcomm Qdm5671 | ||
| Qualcomm Qdm5677 | ||
| Qualcomm Qdm5679 | ||
| Qualcomm Qet5100 | ||
| Qualcomm Qet5100m | ||
| Qualcomm Qet6100 | ||
| Qualcomm Qet6110 | ||
| Qualcomm Qfs2530 | ||
| Qualcomm Qfs2580 | ||
| Qualcomm Qfs2608 | ||
| Qualcomm Qfs2630 | ||
| Qualcomm Qln4642 | ||
| Qualcomm Qln4650 | ||
| Qualcomm Qln5020 | ||
| Qualcomm Qln5030 | ||
| Qualcomm Qln5040 | ||
| Qualcomm Qpa2625 | ||
| Qualcomm Qpa5461 | ||
| Qualcomm Qpa5580 | ||
| Qualcomm Qpa5581 | ||
| Qualcomm Qpa6560 | ||
| Qualcomm Qpa8801 | ||
| Qualcomm Qpa8802 | ||
| Qualcomm Qpa8803 | ||
| Qualcomm Qpa8821 | ||
| Qualcomm Qpa8842 | ||
| Qualcomm Qpm4621 | ||
| Qualcomm Qpm4630 | ||
| Qualcomm Qpm4640 | ||
| Qualcomm Qpm4641 | ||
| Qualcomm Qpm4650 | ||
| Qualcomm Qpm5621 | ||
| Qualcomm Qpm5641 | ||
| Qualcomm Qpm5670 | ||
| Qualcomm Qpm5677 | ||
| Qualcomm Qpm5679 | ||
| Qualcomm Qpm5870 | ||
| Qualcomm Qpm5875 | ||
| Qualcomm Qpm6585 | ||
| Qualcomm Qpm6621 | ||
| Qualcomm Qpm6670 | ||
| Qualcomm Qpm8820 | ||
| Qualcomm Qpm8870 | ||
| Qualcomm Qtm525 | ||
| Qualcomm sa6145p | ||
| qualcomm SA6155P | ||
| Qualcomm sa8150p | ||
| Qualcomm sa8155 | ||
| Qualcomm sa8155p | ||
| Qualcomm sa8195p | ||
| Qualcomm Sd8885g | ||
| Qualcomm Sdr660g | ||
| Qualcomm Sdr735 | ||
| Qualcomm Sdr735g | ||
| Qualcomm Sdr8250 | ||
| Qualcomm Sdr865 | ||
| Qualcomm sdx55 | ||
| Qualcomm sdx55m | ||
| Qualcomm Sm7350 | ||
| Qualcomm Smb1394 | ||
| Qualcomm Smb1395 | ||
| Qualcomm Smb1396 | ||
| Qualcomm Smb1398 | ||
| Qualcomm Smr525 | ||
| Qualcomm Smr526 | ||
| Qualcomm Smr545 | ||
| Qualcomm Smr546 | ||
| qualcomm wcd9341 | ||
| qualcomm wcd9380 | ||
| qualcomm wcd9385 | ||
| Qualcomm wcn3910 | ||
| Qualcomm WCN3991 Firmware | ||
| Qualcomm wcn3998 | ||
| qualcomm wcn6740 | ||
| qualcomm wcn6750 | ||
| Qualcomm WCN6850 Firmware | ||
| Qualcomm WCN6851 Firmware | ||
| qualcomm wcn6856 | ||
| qualcomm wsa8830 | ||
| qualcomm wsa8835 | ||
| Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://source.codeaurora.org/quic/qsdk/platform/vendor/qcom-opensource/wlan/qca-wifi-host-cmn/commit/?id=227ff6c08ac997241a5a0513ad25f89072096d02
- https://source.android.com/docs/security/bulletin/2020-12-01 (Advisory)
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
- https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin
Frequently Asked Questions
What is the severity of CVE-2020-11185?
CVE-2020-11185 has a high severity rating due to the potential for remote code execution caused by an out-of-bounds write in the WLAN driver.
How do I fix CVE-2020-11185?
To fix CVE-2020-11185, update your device firmware to the latest version provided by your device manufacturer.
Which products are affected by CVE-2020-11185?
CVE-2020-11185 affects a variety of Qualcomm products, including but not limited to certain Android devices and specific Snapdragon chipsets.
What type of vulnerability is CVE-2020-11185?
CVE-2020-11185 is characterized as an out-of-bounds write vulnerability in the WLAN driver.
Can CVE-2020-11185 be exploited remotely?
Yes, CVE-2020-11185 can potentially be exploited remotely, allowing attackers to execute arbitrary code on affected devices.
- agent/references
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/remedy
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/last-modified-date
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- vendor/qualcomm
- canonical/qualcomm ar9380
- canonical/qualcomm csr8811
- canonical/qualcomm ipq4018
- canonical/qualcomm ipq4019 firmware
- canonical/qualcomm ipq4028
- canonical/qualcomm ipq4029
- canonical/qualcomm ipq6000
- canonical/qualcomm ipq6005
- canonical/qualcomm ipq6010
- canonical/qualcomm ipq6018
- canonical/qualcomm ipq6028
- canonical/qualcomm ipq8064 firmware
- canonical/qualcomm ipq8065
- canonical/qualcomm ipq8068
- canonical/qualcomm ipq8070
- canonical/qualcomm ipq8070a
- canonical/qualcomm ipq8071
- canonical/qualcomm ipq8071a
- canonical/qualcomm ipq8072
- canonical/qualcomm ipq8072a
- canonical/qualcomm ipq8074
- canonical/qualcomm ipq8074a
- canonical/qualcomm ipq8076
- canonical/qualcomm ipq8076a
- canonical/qualcomm ipq8078
- canonical/qualcomm ipq8078a
- canonical/qualcomm ipq8173
- canonical/qualcomm ipq8174
- canonical/qualcomm pm3003a
- canonical/qualcomm pm7350c
- canonical/qualcomm pm8008
- canonical/qualcomm pm8009
- canonical/qualcomm pm8350
- canonical/qualcomm pm8350b
- canonical/qualcomm pm8350bh
- canonical/qualcomm pm8350bhs
- canonical/qualcomm pm8350c
- canonical/qualcomm pmk7350
- canonical/qualcomm pmk8002
- canonical/qualcomm pmk8350
- canonical/qualcomm pmm6155au
- canonical/qualcomm pmm8155au
- canonical/qualcomm pmm8195au
- canonical/qualcomm pmm855au
- canonical/qualcomm pmr525
- canonical/qualcomm pmr735a
- canonical/qualcomm pmr735b
- canonical/qualcomm pmx55
- canonical/qualcomm qat3514
- canonical/qualcomm qat3516
- canonical/qualcomm qat3518
- canonical/qualcomm qat3519
- canonical/qualcomm qat3555
- canonical/qualcomm qat5515
- canonical/qualcomm qat5516
- canonical/qualcomm qat5522
- canonical/qualcomm qat5568
- canonical/qualcomm qca4024
- canonical/qualcomm qca6175a
- canonical/qualcomm qca6390
- canonical/qualcomm qca6391
- canonical/qualcomm qca6428
- canonical/qualcomm qca6438
- canonical/qualcomm qca6564a
- canonical/qualcomm qca6564au
- canonical/qualcomm qca6574
- canonical/qualcomm qca6574a
- canonical/qualcomm qca6574au
- canonical/qualcomm qca6584au
- canonical/qualcomm qca6595
- canonical/qualcomm qca6595au
- canonical/qualcomm qca6696
- canonical/qualcomm qca7500
- canonical/qualcomm qca8072
- canonical/qualcomm qca8075
- canonical/qualcomm qca8081
- canonical/qualcomm qca9880
- canonical/qualcomm qca9886
- canonical/qualcomm qca9888
- canonical/qualcomm qca9889
- canonical/qualcomm qca9898
- canonical/qualcomm qca9980
- canonical/qualcomm qca9984
- canonical/qualcomm qca9985
- canonical/qualcomm qca9990
- canonical/qualcomm qca9992
- canonical/qualcomm qca9994
- canonical/qualcomm qcn5021
- canonical/qualcomm qcn5022
- canonical/qualcomm qcn5024
- canonical/qualcomm qcn5052
- canonical/qualcomm qcn5054
- canonical/qualcomm qcn5064
- canonical/qualcomm qcn5121
- canonical/qualcomm qcn5122
- canonical/qualcomm qcn5124
- canonical/qualcomm qcn5152
- canonical/qualcomm qcn5154
- canonical/qualcomm qcn5164
- canonical/qualcomm qcn5550
- canonical/qualcomm qcn7605
- canonical/qualcomm qcn7606
- canonical/qualcomm qcn9000
- canonical/qualcomm qcn9074
- canonical/qualcomm qdm2307
- canonical/qualcomm qdm2308
- canonical/qualcomm qdm2310
- canonical/qualcomm qdm3301
- canonical/qualcomm qdm3302
- canonical/qualcomm qdm4643
- canonical/qualcomm qdm4650
- canonical/qualcomm qdm5579
- canonical/qualcomm qdm5620
- canonical/qualcomm qdm5621
- canonical/qualcomm qdm5670
- canonical/qualcomm qdm5671
- canonical/qualcomm qdm5677
- canonical/qualcomm qdm5679
- canonical/qualcomm qet5100
- canonical/qualcomm qet5100m
- canonical/qualcomm qet6100
- canonical/qualcomm qet6110
- canonical/qualcomm qfs2530
- canonical/qualcomm qfs2580
- canonical/qualcomm qfs2608
- canonical/qualcomm qfs2630
- canonical/qualcomm qln4642
- canonical/qualcomm qln4650
- canonical/qualcomm qln5020
- canonical/qualcomm qln5030
- canonical/qualcomm qln5040
- canonical/qualcomm qpa2625
- canonical/qualcomm qpa5461
- canonical/qualcomm qpa5580
- canonical/qualcomm qpa5581
- canonical/qualcomm qpa6560
- canonical/qualcomm qpa8801
- canonical/qualcomm qpa8802
- canonical/qualcomm qpa8803
- canonical/qualcomm qpa8821
- canonical/qualcomm qpa8842
- canonical/qualcomm qpm4621
- canonical/qualcomm qpm4630
- canonical/qualcomm qpm4640
- canonical/qualcomm qpm4641
- canonical/qualcomm qpm4650
- canonical/qualcomm qpm5621
- canonical/qualcomm qpm5641
- canonical/qualcomm qpm5670
- canonical/qualcomm qpm5677
- canonical/qualcomm qpm5679
- canonical/qualcomm qpm5870
- canonical/qualcomm qpm5875
- canonical/qualcomm qpm6585
- canonical/qualcomm qpm6621
- canonical/qualcomm qpm6670
- canonical/qualcomm qpm8820
- canonical/qualcomm qpm8870
- canonical/qualcomm qtm525
- canonical/qualcomm sa6145p
- canonical/qualcomm sa6155p
- canonical/qualcomm sa8150p
- canonical/qualcomm sa8155
- canonical/qualcomm sa8155p
- canonical/qualcomm sa8195p
- canonical/qualcomm sd8885g
- canonical/qualcomm sdr660g
- canonical/qualcomm sdr735
- canonical/qualcomm sdr735g
- canonical/qualcomm sdr8250
- canonical/qualcomm sdr865
- canonical/qualcomm sdx55
- canonical/qualcomm sdx55m
- canonical/qualcomm sm7350
- canonical/qualcomm smb1394
- canonical/qualcomm smb1395
- canonical/qualcomm smb1396
- canonical/qualcomm smb1398
- canonical/qualcomm smr525
- canonical/qualcomm smr526
- canonical/qualcomm smr545
- canonical/qualcomm smr546
- canonical/qualcomm wcd9341
- canonical/qualcomm wcd9380
- canonical/qualcomm wcd9385
- canonical/qualcomm wcn3910
- canonical/qualcomm wcn3991 firmware
- canonical/qualcomm wcn3998
- canonical/qualcomm wcn6740
- canonical/qualcomm wcn6750
- canonical/qualcomm wcn6850 firmware
- canonical/qualcomm wcn6851 firmware
- canonical/qualcomm wcn6856
- canonical/qualcomm wsa8830
- canonical/qualcomm wsa8835
- vendor/google
- canonical/android