An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
References
Link | Resource |
---|---|
https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
26 Feb 2021, 15:45
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb1357:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wtr2955:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmk8001:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9230:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:apq8064au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qbt1500:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qpa4340:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sd835:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcn3990:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wtr4905:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb1380:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8937:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6584:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmm8996au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sdx20m:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmi8937:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb1350:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qtc800s:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sd210:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qat3514:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb1351:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmd9655:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wtr3950:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmd9645:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmd9607:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmi8998:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe3345:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sd820:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb1358:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmi8996:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wtr3925:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm660a:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qat3522:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6310:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qsw8573:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sdw2500:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8916:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe3320:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qln1021aq:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8996:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcn3615:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe3335:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qet4100:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9326:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmx20:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qpa5460:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wtr5975:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmi8994:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sdw3100:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6174:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb358s:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:ar8151:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sd660:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:csr6030:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8998:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe2550:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qbt1000:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmi8952:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qln1030:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wtr3905:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:rgr7640au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qln1031:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qet4101:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wgr7640:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sd205:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sdr660:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:rsw8577:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qtc800h:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8952:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6320:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm660:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8004:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe1035:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb1360:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9330:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qat3550:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8953:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:smb231:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe1045:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wtr2965:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8909:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8005:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pmd9635:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qln1036aq:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qtc800t:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm660l:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sd_636:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qpa4360:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9630:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qet4200aq:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:pm8956:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe1040:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:sd821:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:mdm9626:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe3100:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:qfe2340:-:*:*:*:*:*:*:* cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:* |
|
CWE | CWE-476 | |
References | (CONFIRM) https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 6.8 |
22 Feb 2021, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-22 07:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-11286
Mitre link : CVE-2020-11286
CVE.ORG link : CVE-2020-11286
JSON object : View
Products Affected
qualcomm
- wtr5975
- apq8076
- qca6574a
- mdm9628
- smb358s
- msm8909w
- wcd9341
- sd205
- qbt1500
- sdx20m
- qln1036aq
- wcd9335
- rgr7640au
- apq8064au
- pmi8994
- qat3514
- qfe3335
- sdm630
- qet4101
- pmi8996
- qca6584au
- wcn3980
- pm8916
- pm8004
- pm8998
- wsa8815
- pm8953
- qca9377
- qfe1035
- wcn3610
- qpa4360
- wtr3905
- pmx20
- pmd9655
- sdw3100
- qca6584
- qfe2550
- msm8937
- smb1351
- wcd9330
- apq8009
- pm8909
- pm8952
- pmi8952
- qca6564au
- qet4200aq
- qca6574au
- qln1021aq
- qtc800s
- pmd9635
- qet4100
- sdr660
- wcn3620
- mdm9650
- wcn3660b
- wcn3990
- qfe1040
- qpa5460
- wtr4905
- qln1030
- wcd9306
- smb1350
- pm660
- qca6320
- qca6564a
- mdm9607
- pm8956
- qtc800h
- wcn3615
- ar8151
- mdm9640
- qfe3345
- mdm9630
- qfe1045
- pm8005
- qca9367
- qln1031
- pm8937
- sd660
- qca6310
- wtr2965
- qca6174a
- apq8009w
- mdm9655
- rsw8577
- pmd9645
- mdm9626
- apq8017
- qsw8573
- wcn3680b
- sdw2500
- qtc800t
- apq8096au
- wtr3950
- qfe3320
- wgr7640
- pmm8996au
- wtr3925
- smb1357
- qat3550
- pmd9607
- apq8053
- pm660l
- pmk8001
- sd_636
- csr6030
- pm660a
- qca6174
- sd210
- mdm9330
- mdm9250
- qat3522
- wcd9340
- qfe2340
- wcd9326
- smb1360
- sd835
- qfe3100
- qpa4340
- wsa8810
- pmi8937
- sd821
- smb1380
- mdm9206
- smb1358
- qbt1000
- sdx20
- mdm9230
- qca6574
- pmi8998
- pm8996
- smb231
- wtr2955
- sd820
- msm8996au
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer