CVE-2020-11217

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS v2.0 4.6

4.6^/10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

CVSS v3.0 7.8 HIGH

7.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin	Broken Link
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin	Patch Vendor Advisory

Configurations

Configuration 1

cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm4125:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm3003a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm4125:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm6125:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm6150a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm6150l:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm6350:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm660:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm660a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm660l:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm7150a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm7150l:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm7250:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm7250b:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8008:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8009:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8150a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8150b:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8150c:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8150l:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8250:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8350:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8350b:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8350bh:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8350c:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmi632:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmk8002:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmk8003:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmk8350:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmr525:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmr735a:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmr735b:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmx55:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3514:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3516:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3518:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3519:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3522:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3550:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat3555:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat5515:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat5516:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat5522:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat5533:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qat5568:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qbt2000:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6431:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm2301:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm2305:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm2307:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm2308:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm2310:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm3301:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm4643:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm4650:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5620:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5621:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5650:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5652:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5670:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5671:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5677:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5679:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet4100:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet4101:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet5100:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet5100m:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet6100:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qet6110:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfs2530:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfs2580:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfs2608:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qfs2630:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln4642:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln4650:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln5020:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln5030:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qln5040:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa2625:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa4340:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa4360:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa5461:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa5580:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa5581:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa6560:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa8673:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa8686:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa8801:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa8802:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa8803:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa8821:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpa8842:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm4621:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm4630:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm4640:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm4641:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm4650:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5620:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5621:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5641:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5657:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5658:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5670:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5677:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5679:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5870:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm5875:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm6582:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm6585:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm6621:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm6670:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm8820:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm8830:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm8870:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qpm8895:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qsm7250:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtc800h:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtc800s:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtc801s:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qtm525:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:rsw8577:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd750g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr425:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr660:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr735:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr735g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr8250:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdr865:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1351:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1354:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1355:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1390:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1395:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1396:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1398:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smr525:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smr526:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smr545:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smr546:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3991:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn3998:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6750:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6850:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6851:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6856:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wgr7640:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr2965:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wtr3925:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm7350c:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pm8350bhs:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:pmk7350:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm3302:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qdm5579:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7350:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:smb1394:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:wcn6740:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd6905g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd8655g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sd8885g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdxr25g:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm4350:-:*:*:*:*:*:*:*

History

24 Jan 2023, 16:19

Type	Values Removed	Values Added
CPE		cpe:2.3:a:predictapp_project:predictapp::::::::
References	~~(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 -~~	(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 - Patch, Third Party Advisory
References	~~(MISC) https://github.com/abhilash1985/PredictApp/pull/73 -~~	(MISC) https://github.com/abhilash1985/PredictApp/pull/73 - Patch, Third Party Advisory
References	~~(MISC) https://vuldb.com/?id.218387 -~~	(MISC) https://vuldb.com/?id.218387 - Third Party Advisory
References	~~(MISC) https://vuldb.com/?ctiid.218387 -~~	(MISC) https://vuldb.com/?ctiid.218387 - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Predictapp Project predictapp Predictapp Project

16 Jan 2023, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-01-21 10:15

Updated : 2021-01-29 08:28

NVD link : CVE-2020-11217

Mitre link : CVE-2020-11217

Products Affected

No products.

CWE

CWE-415