medium
6.8
CWE
119 190
Advisory Published
Updated

CVE-2020-11305: Buffer Overflow

First published: Wed Mar 17 2021(Updated: )

Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

Credit: product-security@qualcomm.com

Affected SoftwareAffected VersionHow to fix
Google Android
Qualcomm Apq8009
Google Android
Google Android
Qualcomm Mdm9206 Firmware
Qualcomm Mdm9206
Qualcomm Pm8909 Firmware
Google Android
Google Android
Google Android
Google Android
Qualcomm Pm8953
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Qualcomm Smb1358
Google Android
Qualcomm Smb1360
Google Android
Google Android
Qualcomm Wcd9326 Firmware
Google Android
Google Android
Qualcomm Wcd9330
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Google Android
Qualcomm Wtr2965

Remedy

https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID of this issue?

    The vulnerability ID of this issue is CVE-2020-11305.

  • What is the severity rating of CVE-2020-11305?

    CVE-2020-11305 has a severity rating of 6.8 (medium).

  • Which software or devices are affected by CVE-2020-11305?

    CVE-2020-11305 affects Qualcomm APQ8009 Firmware, Qualcomm MDM9206 Firmware, Qualcomm PM8909 Firmware, Qualcomm PM8916 Firmware, Qualcomm PM8953 Firmware, Qualcomm PMI8952 Firmware, Qualcomm QCA9367 Firmware, Qualcomm QCA9377 Firmware, Qualcomm SMB1358 Firmware, Qualcomm SMB1360 Firmware, Qualcomm SMB231 Firmware, Qualcomm WCD9326 Firmware, Qualcomm WCD9330 Firmware, Qualcomm WCN3660B Firmware, Qualcomm WCN3680B Firmware, Qualcomm WSA8810 Firmware, and Qualcomm WSA8815 Firmware.

  • What is the description of CVE-2020-11305?

    CVE-2020-11305 is an integer overflow vulnerability in boot due to an improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music.

  • Where can I find more information about CVE-2020-11305?

    You can find more information about CVE-2020-11305 in the official Qualcomm Product Security Bulletin for March 2021.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203