CVSS: 9.4EPSS: 0%CPEs: 1030EXPL: 0CVE-2020-11276
https://notcve.org/view.php?id=CVE-2020-11276
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible lectura excesiva del búfer mientras se procesa el atributo P2P IE y NOA de las tramas de respuesta de beacon y probe debido a una comprobación inapropiadas de las longitudes de los atributos P2P IE y NOA en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1076EXPL: 0CVE-2020-11269
https://notcve.org/view.php?id=CVE-2020-11269
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria durante el procesamiento de tramas EAPOL debido a una falta de comprobación de longitud de la clave antes de usarla en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-190: Integer Overflow or Wraparound •