Advisory Published

CVE-2020-11268: Input Validation

First published: Fri May 07 2021(Updated: )

Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile

Credit: product-security@qualcomm.com

Affected SoftwareAffected VersionHow to fix
Qualcomm Apq8009
Qualcomm Apq8016
Qualcomm Apq8074
Qualcomm Apq8084
Qualcomm Apq8094
Qualcomm Ar6003
Qualcomm Mdm8215
Qualcomm Mdm8215m
Qualcomm Mdm8615m
Qualcomm Mdm9215
Qualcomm Mdm9235m
Qualcomm Mdm9310
Google Android
Qualcomm Mdm9615
Qualcomm Mdm9615m
Qualcomm Mdm9635m
Qualcomm Mdm9640
Qualcomm Mdm9645
Qualcomm Msm8108
Qualcomm Msm8208
Qualcomm Msm8209
Qualcomm Msm8216
Qualcomm Msm8274
Qualcomm Msm8608
Qualcomm Msm8674
Qualcomm Msm8916
Google Android
Qualcomm Msm8939
Qualcomm Msm8974
Qualcomm Msm8974p
Qualcomm Msm8994
Qualcomm Pm8018
Qualcomm Pm8841
Qualcomm Pm8909
Qualcomm Pm8916
Qualcomm Pm8941
Qualcomm Pm8994
Qualcomm Pmd9635
Google Android
Qualcomm Pmi8994
Qualcomm Qca1990
Qualcomm Qca6174
Qualcomm Qca6174a
Qualcomm Qca6584
Google Android
Qualcomm Qfe1040
Google Android
Qualcomm Qfe1100
Google Android
Qualcomm Qfe1520
Google Android
Qualcomm Qfe2101
Google Android
Google Android
Qualcomm Qfe2330
Qualcomm Qfe2340
Google Android
Qualcomm Qfe2550
Qualcomm Qfe2720
Qualcomm Qfe3100
Qualcomm Qfe3320
Google Android
Google Android
Google Android
Qualcomm Sd210
Qualcomm Smb1360
Qualcomm Wcd9306
Qualcomm Wcd9330
Qualcomm Wcn3610
Qualcomm Wcn3620
Qualcomm Wcn3660
Google Android
Qualcomm Wcn3660b
Qualcomm Wcn3680
Qualcomm Wcn3680b
Qualcomm Wfr1620
Qualcomm Wgr7640
Google Android
Qualcomm Wtr1605l
Google Android
Google Android
Qualcomm Wtr2605
Qualcomm Wtr2955
Qualcomm Wtr3925
Google Android
Qualcomm Wtr4905

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2020-11268?

    CVE-2020-11268 is a vulnerability that can cause a potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs, leading to denial of service.

  • Which software is affected by CVE-2020-11268?

    CVE-2020-11268 affects Qualcomm Snapdragon Auto and Snapdragon Mobile.

  • What is the severity of CVE-2020-11268?

    CVE-2020-11268 has a severity level of 7.5 (high).

  • How can CVE-2020-11268 be fixed?

    To fix CVE-2020-11268, affected users should apply the necessary security patches provided by Qualcomm.

  • Where can I find more information about CVE-2020-11268?

    More information about CVE-2020-11268 can be found on the Qualcomm Product Security Bulletin for May 2021.


SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203