First published: Thu Nov 12 2020(Updated: )
Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA845, SDM640, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Qualcomm QCM6125 Firmware | ||
Qualcomm QCM6125 Firmware | ||
Qualcomm QCS410 Firmware | ||
Qualcomm QCS410 Firmware | ||
Qualcomm QCS603 | ||
Qualcomm QCS603 Firmware | ||
Qualcomm QCS605 | ||
Qualcomm QCS605 Firmware | ||
Qualcomm QCS610 Firmware | ||
Qualcomm QCS610 Firmware | ||
Qualcomm QCS6125 Firmware | ||
Qualcomm QCS6125 Firmware | ||
Qualcomm SA6145P Firmware | ||
Qualcomm SA6145P Firmware | ||
Qualcomm SA6155 | ||
Qualcomm SA6155 Firmware | ||
Qualcomm SA6155 | ||
Qualcomm SA6155P | ||
Qualcomm SA8155P Firmware | ||
Qualcomm SA8155 Firmware | ||
Qualcomm SA8155 | ||
Qualcomm SA8155P Firmware | ||
Qualcomm SDA640 | ||
Qualcomm SDA640 Firmware | ||
Qualcomm SD 845 Firmware | ||
Qualcomm Snapdragon 845 | ||
qualcomm SDM640 firmware | ||
Qualcomm SDM640 | ||
Qualcomm SDM830 Firmware | ||
Qualcomm Snapdragon 830 | ||
Qualcomm SDA/SDM845 Firmware | ||
Qualcomm Snapdragon 845 | ||
Qualcomm SDX50M Firmware | ||
Qualcomm SDX50M Firmware | ||
Qualcomm SDX55M Firmware | ||
Qualcomm SDX55 Firmware | ||
Qualcomm SDX55M Firmware | ||
Qualcomm SDX55M Firmware | ||
Qualcomm SM6125 | ||
Qualcomm SM6125 Firmware | ||
Qualcomm SM6150P firmware | ||
Qualcomm SM6150P | ||
Qualcomm SM6250P Firmware | ||
Qualcomm SM6250 Firmware | ||
Qualcomm SM6250 Firmware | ||
Qualcomm SM6250P Firmware | ||
Qualcomm SM7125 | ||
Qualcomm SM7125 Firmware | ||
qualcomm SM7150P firmware | ||
qualcomm SM7150 firmware | ||
qualcomm SM7150 firmware | ||
qualcomm SM7150P firmware | ||
Qualcomm SM8150P Firmware | ||
Qualcomm SM8150 Fusion | ||
Qualcomm SM8150 Firmware | ||
Qualcomm SA8150P |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-11201 is a vulnerability that allows arbitrary access to DSP memory due to an improper check in a loaded library for data received from the CPU side.
The vulnerability affects Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, and other models listed in the official bulletin.
CVE-2020-11201 has a severity level of 7.8 (high).
To fix CVE-2020-11201, users are advised to apply the necessary updates and patches provided by Qualcomm as mentioned in the official bulletin.
More information about CVE-2020-11201 can be found in the official blog post and research report by Check Point, as well as the Qualcomm Product Security bulletins for November 2020.