CVE-2020-11184
CRITICALQualcomm Snapdragon Firmware - Buffer Overflow via Crafted MP4 ESDS Atom
Title source: llmDescription
u'Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
Scores
CVSS v3
9.8
EPSS
0.0043
EPSS Percentile
62.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (29)
qualcomm/qcm4290_firmware
qualcomm/qcs4290_firmware
qualcomm/qm215_firmware
qualcomm/qsm8350_firmware
qualcomm/sa6145p_firmware
qualcomm/sa6155_firmware
qualcomm/sa6155p_firmware
qualcomm/sa8155_firmware
qualcomm/sa8155p_firmware
qualcomm/sdx55_firmware
... and 19 more
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026