CVE-2020-11216

CRITICAL

Qualcomm Apq8009 - Integer Overflow

Title source: rule

Description

Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

References (2)

Core 2

Core References

Broken Link x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Vendor Advisory

https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Scores

CVSS v3 9.8

EPSS 0.0029

EPSS Percentile 52.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-190 CWE-125

Status published

Products (50)

qualcomm/apq8009

qualcomm/apq8009w

qualcomm/apq8017

qualcomm/apq8037

qualcomm/apq8053

qualcomm/apq8064au

qualcomm/apq8096au

qualcomm/aqt1000

qualcomm/ar8031

qualcomm/ar8151

... and 40 more

Published Jan 21, 2021

Tracked Since Feb 18, 2026