CVE-2020-11298

HIGH

Qualcomm AQT1000 Firmware - Time-of-check Time-of-use Race Condition

Title source: llm

Description

While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.qualcomm.com/company/product-security/bulletins/june-2021-bulletin

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 5.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-367

Status published

Products (50)

qualcomm/aqt1000_firmware

qualcomm/ar8031_firmware

qualcomm/ar8035_firmware

qualcomm/csra6620_firmware

qualcomm/csra6640_firmware

qualcomm/mdm9205_firmware

qualcomm/mdm9206_firmware

qualcomm/mdm9628_firmware

qualcomm/qca4004_firmware

qualcomm/qca6390_firmware

... and 40 more

Published Jun 09, 2021

Tracked Since Feb 18, 2026