CVE-2020-11156
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in QCA6390, QCN7605, QCS404, SA415M, SA515M, SC8180X, SDX55, SM8250
Un problema de lectura excesiva del búfer en la pila del Bluetooth debido a una falta de comprobación de la longitud no válida del paquete L2cap recibido desde el dispositivo peer en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking en versiones QCA6390, QCN7605, QCS404, SA415M, SA515M, SC8180X, SDX55, SM8250
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-03-31 CVE Reserved
- 2020-11-02 CVE Published
- 2023-06-09 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-125: Out-of-bounds Read
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qualcomm Search vendor "Qualcomm" | Qca6390 Firmware Search vendor "Qualcomm" for product "Qca6390 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qca6390 Search vendor "Qualcomm" for product "Qca6390" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcn7605 Firmware Search vendor "Qualcomm" for product "Qcn7605 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcn7605 Search vendor "Qualcomm" for product "Qcn7605" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Qcs404 Firmware Search vendor "Qualcomm" for product "Qcs404 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Qcs404 Search vendor "Qualcomm" for product "Qcs404" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa415m Firmware Search vendor "Qualcomm" for product "Sa415m Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa415m Search vendor "Qualcomm" for product "Sa415m" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sa515m Firmware Search vendor "Qualcomm" for product "Sa515m Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sa515m Search vendor "Qualcomm" for product "Sa515m" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sc8180x Firmware Search vendor "Qualcomm" for product "Sc8180x Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sc8180x Search vendor "Qualcomm" for product "Sc8180x" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sdx55 Firmware Search vendor "Qualcomm" for product "Sdx55 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sdx55 Search vendor "Qualcomm" for product "Sdx55" | - | - |
Safe
|
| Qualcomm Search vendor "Qualcomm" | Sm8250 Firmware Search vendor "Qualcomm" for product "Sm8250 Firmware" | - | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Sm8250 Search vendor "Qualcomm" for product "Sm8250" | - | - |
Safe
|