First published: Wed Jun 09 2021(Updated: )
Image address is dereferenced before validating its range which can cause potential QSEE information leakage in Snapdragon Wired Infrastructure and Networking
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Qualcomm Ar7420 Firmware | ||
Qualcomm Ar7420 | ||
Qualcomm Ar9580 Firmware | ||
Google Android | ||
Qualcomm Csr8811 Firmware | ||
Qualcomm Csr8811 | ||
Google Android | ||
Google Android | ||
Qualcomm Ipq4019 Firmware | ||
Qualcomm Ipq4019 | ||
Google Android | ||
Qualcomm Ipq4028 | ||
Qualcomm Ipq4029 Firmware | ||
Google Android | ||
Google Android | ||
Qualcomm Qca10901 | ||
Qualcomm Qca4024 Firmware | ||
Google Android | ||
Qualcomm Qca7500 Firmware | ||
Qualcomm Qca7500 | ||
Qualcomm Qca7520 Firmware | ||
Qualcomm Qca7520 | ||
Qualcomm Qca7550 Firmware | ||
Qualcomm Qca7550 | ||
Google Android | ||
Google Android | ||
Qualcomm Qca9880 Firmware | ||
Qualcomm Qca9880 | ||
Qualcomm Qca9886 Firmware | ||
Qualcomm Qca9886 | ||
Qualcomm Qca9888 Firmware | ||
Qualcomm Qca9888 | ||
Qualcomm Qca9889 Firmware | ||
Qualcomm Qca9889 | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android | ||
Qualcomm Qca9992 Firmware | ||
Qualcomm Qca9992 | ||
Qualcomm Qca9994 Firmware | ||
Qualcomm Qca9994 | ||
Qualcomm Qcn3018 Firmware | ||
Qualcomm Qcn3018 | ||
Qualcomm Qfe1922 Firmware | ||
Qualcomm Qfe1922 | ||
Qualcomm Qfe1952 Firmware | ||
Qualcomm Qfe1952 | ||
Google Android | ||
Google Android | ||
Google Android | ||
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-11266 is a vulnerability that occurs when an image address is dereferenced before validating its range, potentially causing QSEE information leakage in Snapdragon Wired Infrastructure and Networking.
The following software is affected: Qualcomm Ar7420 Firmware, Qualcomm Ar9580 Firmware, Qualcomm Csr8811 Firmware, Qualcomm Ipq4019 Firmware, Qualcomm Qca4024 Firmware, Qualcomm Qca7500 Firmware, Qualcomm Qca7520 Firmware, Qualcomm Qca7550 Firmware, Qualcomm Qcn3018 Firmware, Qualcomm Qfe1922 Firmware, Qualcomm Qfe1952 Firmware, Qualcomm Wcd9340 Firmware, Qualcomm Wsa8810 Firmware.
The severity of CVE-2020-11266 is medium with a CVSS score of 6.5.
QSEE stands for Qualcomm Secure Execution Environment, which is a trusted execution environment on Qualcomm Snapdragon processors.
You can find more information about CVE-2020-11266 on the Qualcomm Product Security Bulletin for January 2021.