CVE-2020-11231
MEDIUMQualcomm APQ8017 Firmware - Use-After-Free via Concurrent Function Calls
Title source: llmDescription
Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.qualcomm.com/company/product-security/bulletins/april-2021-bulletin
Scores
CVSS v3
6.7
EPSS
0.0005
EPSS Percentile
14.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-415
Status
published
Products (50)
qualcomm/apq8017_firmware
qualcomm/apq8053_firmware
qualcomm/aqt1000_firmware
qualcomm/msm8917_firmware
qualcomm/msm8953_firmware
qualcomm/pm215_firmware
qualcomm/pm3003a_firmware
qualcomm/pm439_firmware
qualcomm/pm6125_firmware
qualcomm/pm6150_firmware
... and 40 more
Published
Apr 07, 2021
Tracked Since
Feb 18, 2026