high
8.8
CWE
119
Advisory Published
Updated

CVE-2020-11257: Buffer Overflow

First published: Wed Jun 09 2021(Updated: )

Memory corruption due to lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking

Credit: product-security@qualcomm.com

Affected SoftwareAffected VersionHow to fix
qualcomm ar7420 firmware
qualcomm ar7420
qualcomm ar9580 firmware
qualcomm ar9580
qualcomm csr8811 Firmware
qualcomm csr8811
qualcomm ipq4018 firmware
qualcomm ipq4018
Qualcomm IPQ4019
Qualcomm IPQ4019 Firmware
qualcomm ipq4028 firmware
qualcomm ipq4028
qualcomm ipq4029 firmware
qualcomm ipq4029
qualcomm qca10901 firmware
qualcomm qca10901
qualcomm qca4024 firmware
qualcomm qca4024
qualcomm qca7500 firmware
qualcomm qca7500
qualcomm qca7520 firmware
qualcomm qca7520
qualcomm qca7550 firmware
qualcomm qca7550
qualcomm qca8075 firmware
qualcomm qca8075
qualcomm qca9880 firmware
qualcomm qca9880
qualcomm QCA9886 firmware
qualcomm QCA9886
qualcomm qca9888 firmware
qualcomm qca9888
qualcomm qca9889 firmware
qualcomm qca9889
qualcomm qca9898 firmware
qualcomm qca9898
qualcomm qca9984 firmware
qualcomm qca9984
qualcomm qca9992 firmware
qualcomm qca9992
qualcomm qca9994 firmware
qualcomm qca9994
qualcomm qcn3018 firmware
qualcomm qcn3018
qualcomm qfe1922 Firmware
Qualcomm Qfe1922
qualcomm qfe1952 Firmware
qualcomm qfe1952
qualcomm wcd9340 firmware
qualcomm wcd9340
qualcomm wsa8810 firmware
qualcomm wsa8810

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2020-11257?

    CVE-2020-11257 is a vulnerability that allows memory corruption due to the lack of validation of pointer arguments passed to TrustZone BSP in Snapdragon Wired Infrastructure and Networking.

  • How severe is CVE-2020-11257?

    CVE-2020-11257 has a severity rating of 8.8, which is considered high.

  • What software is affected by CVE-2020-11257?

    Qualcomm Ar7420 Firmware, Qualcomm Ar9580 Firmware, Qualcomm Csr8811 Firmware, Qualcomm Ipq4019 Firmware, Qualcomm Ipq4028 Firmware, Qualcomm Qca4024 Firmware, Qualcomm Qca7500 Firmware, Qualcomm Qca7520 Firmware, Qualcomm Qca7550 Firmware, Qualcomm Qca9880 Firmware, Qualcomm Qca9886 Firmware, Qualcomm Qca9888 Firmware, Qualcomm Qca9889 Firmware, Qualcomm Qcn3018 Firmware, Qualcomm Qfe1922 Firmware, Qualcomm Qfe1952 Firmware, and Google Android running on Qualcomm chipsets are affected by CVE-2020-11257.

  • How is CVE-2020-11257 fixed?

    To fix CVE-2020-11257, users should apply the security patch provided by Qualcomm. More information can be found in the official Qualcomm January 2021 Bulletin.

  • What is the CWE of CVE-2020-11257?

    CVE-2020-11257 is classified as CWE-119, which is a weakness related to improper restriction of operations within the bounds of a memory buffer.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203