CVE-2020-11167
CRITICALQualcomm Snapdragon - Memory Corruption via L2CAP Packet Length Calculation
Title source: llmDescription
Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
References (2)
Core 2
Core References
Broken Link x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
Patch, Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin
Scores
CVSS v3
9.8
EPSS
0.0033
EPSS Percentile
56.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
CWE-787
Status
published
Products (50)
qualcomm/apq8009w
qualcomm/apq8017
qualcomm/apq8037
qualcomm/apq8053
qualcomm/apq8064au
qualcomm/apq8096au
qualcomm/aqt1000
qualcomm/msm8909w
qualcomm/msm8917
qualcomm/msm8920
... and 40 more
Published
Jan 21, 2021
Tracked Since
Feb 18, 2026