CVE-2020-11175
HIGHQualcomm Snapdragon Firmware - Use-After-Free in Bluetooth Transport Driver
Title source: llmDescription
u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009W, MSM8909W, QCS605, QM215, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6350, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
Scores
CVSS v3
7.8
EPSS
0.0004
EPSS Percentile
11.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (31)
qualcomm/apq8009w_firmware
qualcomm/msm8909w_firmware
qualcomm/qcs605_firmware
qualcomm/qm215_firmware
qualcomm/sa6155_firmware
qualcomm/sa6155p_firmware
qualcomm/sa8155_firmware
qualcomm/sa8155p_firmware
qualcomm/sda640_firmware
qualcomm/sda670_firmware
... and 21 more
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026