CVE-2020-11231

MEDIUM

Qualcomm Apq8017 Firmware - Double Free

Title source: rule

Description

Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

References (1)

[Patch, Vendor Advisory] https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin

Scores

CVSS v3 6.7

EPSS 0.0005

EPSS Percentile 14.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (50)

qualcomm/apq8017_firmware

qualcomm/apq8053_firmware

qualcomm/aqt1000_firmware

qualcomm/msm8917_firmware

qualcomm/msm8953_firmware

qualcomm/pm215_firmware

qualcomm/pm3003a_firmware

qualcomm/pm439_firmware

qualcomm/pm6125_firmware

qualcomm/pm6150_firmware

qualcomm/pm6150l_firmware

qualcomm/pm7150a_firmware

qualcomm/pm7150l_firmware

qualcomm/pm7250_firmware

qualcomm/pm7250b_firmware

... and 35 more

Timeline

Published Apr 07, 2021

Tracked Since Feb 18, 2026