CVE-2020-11175

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009W, MSM8909W, QCS605, QM215, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6350, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qualcomm:apq8009w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:qualcomm:sa6155_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:qualcomm:sa8155_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:qualcomm:sda640_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sda640:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:qualcomm:sda670_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sda670:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:qualcomm:sda855_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sda855:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:qualcomm:sdm1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm1000:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:qualcomm:sdm640_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm640:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:qualcomm:sdx50m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx50m:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:qualcomm:sdx55m_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sdx55m:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:qualcomm:sm6125_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6125:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:qualcomm:sm6350_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm6350:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:qualcomm:sm7225_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7225:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:qualcomm:sm7250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7250:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:qualcomm:sm7250p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm7250p:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:qualcomm:sm8150p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8150p:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:qualcomm:sxr1120_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr1120:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:qualcomm:sxr1130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr1130:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:qualcomm:sxr2130p_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:qualcomm:sxr2130p:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-11-12 10:15

Updated : 2023-12-10 13:41

NVD link : CVE-2020-11175

Mitre link : CVE-2020-11175

CVE.ORG link : CVE-2020-11175

JSON object : View

Products Affected

qualcomm

sxr2130p
sa6155
sdm1000_firmware
sdm670
sdx55_firmware
sa8155p
sm7250_firmware
sxr2130_firmware
sdx50m
sa6155_firmware
sdm670_firmware
sda855_firmware
sdx55m
sa8155_firmware
sm7250p
sxr1120_firmware
sxr2130
sm6125_firmware
sdm845
sm6350_firmware
sa6155p_firmware
sdm710
sm7250
sm8250
sm7225
msm8909w
sa8155p_firmware
sm6125
sm7225_firmware
apq8009w_firmware
sdx50m_firmware
sm8150
sm8250_firmware
sdm710_firmware
sdm845_firmware
sxr1130
sa6155p
sxr1120
sxr1130_firmware
msm8909w_firmware
apq8009w
sm8150_firmware
sm8150p_firmware
sa8155
sda670_firmware
sdm1000
qm215
sdm640
sm8150p
sdm640_firmware
sxr2130p_firmware
qcs605
sm7250p_firmware
sda640_firmware
sdx55m_firmware
sda855
sm6350
qcs605_firmware
sda640
qm215_firmware
sda670
sdx55

CWE

CWE-416

Use After Free

7.8 /10