Lucene search
QualcommCVE-2020-11152HistoryJan 21, 2021 - 10:15 a.m.
CVE-2020-11152
2021-01-2110:15:13
CWE-362
qualcomm
web.nvd.nist.gov
25
2
cve
2020
11152
race condition
hal layer
hidl
snapdragon auto
snapdragon compute
snapdragon consumer iot
snapdragon industrial iot
snapdragon mobile
snapdragon voice & music
snapdragon wearables
nvd
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0
Percentile
12.6%
Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Affected configurations
Node
qualcommapq8009wMatch-
ORqualcommapq8017Match-
ORqualcommapq8037Match-
ORqualcommapq8052Match-
ORqualcommapq8053Match-
ORqualcommapq8056Match-
ORqualcommapq8076Match-
ORqualcommapq8096auMatch-
ORqualcommaqt1000Match-
ORqualcommar8031Match-
ORqualcommcsra6620Match-
ORqualcommcsra6640Match-
ORqualcommmsm8909wMatch-
ORqualcommmsm8916Match-
ORqualcommmsm8917Match-
ORqualcommmsm8920Match-
ORqualcommmsm8937Match-
ORqualcommmsm8940Match-
ORqualcommmsm8952Match-
ORqualcommmsm8953Match-
ORqualcommmsm8956Match-
ORqualcommmsm8976Match-
ORqualcommmsm8976sgMatch-
ORqualcommmsm8996auMatch-
ORqualcommpm439Match-
ORqualcommpm660Match-
ORqualcommpm660aMatch-
ORqualcommpm660lMatch-
ORqualcommpm670Match-
ORqualcommpm670aMatch-
ORqualcommpm670lMatch-
ORqualcommpm8004Match-
ORqualcommpm8005Match-
ORqualcommpm855Match-
ORqualcommpm855aMatch-
ORqualcommpm855bMatch-
ORqualcommpm855lMatch-
ORqualcommpm855pMatch-
ORqualcommpm8916Match-
ORqualcommpm8937Match-
ORqualcommpm8940Match-
ORqualcommpm8952Match-
ORqualcommpm8953Match-
ORqualcommpm8956Match-
ORqualcommpm8998Match-
ORqualcommpmd9655Match-
ORqualcommpmi632Match-
ORqualcommpmi8937Match-
ORqualcommpmi8952Match-
ORqualcommpmi8998Match-
ORqualcommpmm8996auMatch-
ORqualcommpmx24Match-
ORqualcommpmx50Match-
ORqualcommqat3514Match-
ORqualcommqat3522Match-
ORqualcommqat3550Match-
ORqualcommqbt1000Match-
ORqualcommqbt1500Match-
ORqualcommqbt2000Match-
ORqualcommqca6174aMatch-
ORqualcommqca6310Match-
ORqualcommqca6320Match-
ORqualcommqca6420Match-
ORqualcommqca6430Match-
ORqualcommqca6564aMatch-
ORqualcommqca6564auMatch-
ORqualcommqca6574aMatch-
ORqualcommqca6574auMatch-
ORqualcommqca6584auMatch-
ORqualcommqca8337Match-
ORqualcommqca9377Match-
ORqualcommqcc1110Match-
ORqualcommqcs405Match-
ORqualcommqcs603Match-
ORqualcommqcs605Match-
ORqualcommqet4100Match-
ORqualcommqet4101Match-
ORqualcommqet5100Match-
ORqualcommqet5100mMatch-
ORqualcommqfe2080fcMatch-
ORqualcommqfe2081fcMatch-
ORqualcommqfe2082fcMatch-
ORqualcommqfe2101Match-
ORqualcommqfe2550Match-
ORqualcommqfe3100Match-
ORqualcommqfe3440fcMatch-
ORqualcommqfe4301Match-
ORqualcommqfe4302Match-
ORqualcommqfe4303Match-
ORqualcommqfe4305Match-
ORqualcommqfe4308Match-
ORqualcommqfe4309Match-
ORqualcommqfe4320Match-
ORqualcommqfe4373fcMatch-
ORqualcommqfe4455fcMatch-
ORqualcommqfe4465fcMatch-
ORqualcommqln1035bdMatch-
ORqualcommqpa4340Match-
ORqualcommqpa4360Match-
ORqualcommqpa5460Match-
ORqualcommqsw8573Match-
ORqualcommqtc800hMatch-
ORqualcommqtc800sMatch-
ORqualcommqtc800tMatch-
ORqualcommqtc801sMatch-
ORqualcommrgr7640auMatch-
ORqualcommrsw8577Match-
ORqualcommsd439Match-
ORqualcommsd450Match-
ORqualcommsd636Match-
ORqualcommsd660Match-
ORqualcommsd710Match-
ORqualcommsd712Match-
ORqualcommsd835Match-
ORqualcommsd855Match-
ORqualcommsd8cxMatch-
ORqualcommsdm630Match-
ORqualcommsdm830Match-
ORqualcommsdr051Match-
ORqualcommsdr052Match-
ORqualcommsdr660Match-
ORqualcommsdr8150Match-
ORqualcommsdw2500Match-
ORqualcommsdw3100Match-
ORqualcommsdx24Match-
ORqualcommsdx50mMatch-
ORqualcommsmb1351Match-
ORqualcommsmb1355Match-
ORqualcommsmb1358Match-
ORqualcommsmb1360Match-
ORqualcommsmb1380Match-
ORqualcommsmb1381Match-
ORqualcommsmb1390Match-
ORqualcommsmb231Match-
ORqualcommwcd9306Match-
ORqualcommwcd9326Match-
ORqualcommwcd9330Match-
ORqualcommwcd9335Match-
ORqualcommwcd9340Match-
ORqualcommwcd9341Match-
ORqualcommwcd9360Match-
ORqualcommwcn3610Match-
ORqualcommwcn3615Match-
ORqualcommwcn3620Match-
ORqualcommwcn3660bMatch-
ORqualcommwcn3680bMatch-
ORqualcommwcn3950Match-
ORqualcommwcn3980Match-
ORqualcommwcn3990Match-
ORqualcommwcn3998Match-
ORqualcommwcn3999Match-
ORqualcommwgr7640Match-
ORqualcommwhs9410Match-
ORqualcommwsa8810Match-
ORqualcommwsa8815Match-
ORqualcommwtr2955Match-
ORqualcommwtr2965Match-
ORqualcommwtr3925Match-
ORqualcommwtr4905Match-
ORqualcommwtr5975Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| qualcomm | apq8009w | - | cpe:2.3:h:qualcomm:apq8009w:-:*:*:*:*:*:*:* |
| qualcomm | apq8017 | - | cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:* |
| qualcomm | apq8037 | - | cpe:2.3:h:qualcomm:apq8037:-:*:*:*:*:*:*:* |
| qualcomm | apq8052 | - | cpe:2.3:h:qualcomm:apq8052:-:*:*:*:*:*:*:* |
| qualcomm | apq8053 | - | cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:* |
| qualcomm | apq8056 | - | cpe:2.3:h:qualcomm:apq8056:-:*:*:*:*:*:*:* |
| qualcomm | apq8076 | - | cpe:2.3:h:qualcomm:apq8076:-:*:*:*:*:*:*:* |
| qualcomm | apq8096au | - | cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:* |
| qualcomm | aqt1000 | - | cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:* |
| qualcomm | ar8031 | - | cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "APQ8009W, APQ8017, APQ8037, APQ8052, APQ8053, APQ8056, APQ8076, APQ8096AU, AQT1000, AR8031, CSRA6620, CSRA6640, MSM8909W, MSM8916, MSM8917, MSM8920, MSM8937, MSM8940, MSM8952, MSM8953, MSM8956, MSM8976, MSM8976SG, MSM8996AU, PM439, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM8004, PM8005, PM855, PM855A, PM855B, PM855L, PM855P, PM8916, PM8937, PM8940, PM8952, PM8953, PM8956, PM8998, PMD9655, PMI632, PMI8937, PMI8952, PMI8998, PMM8996AU, PMX24, PMX50, QAT3514, QAT3522, QAT3550, QBT1000, QBT1500, QBT2000, QCA6174A, QCA6310, QCA6320, QCA6420, QCA6430, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6584AU, QCA8337, QCA9377, QCC1110, QCS405, QCS603, QCS605, QET4100, QET4101, QET5100, QET5100M, QFE2080FC, QFE2081FC, QFE2082FC, QFE2101, QFE2550, QFE3100, QFE3440FC, QFE4301, QFE4302, QFE4303, QFE4305, QFE4308, QFE4309, QFE4320, QFE4373FC, QFE4455FC, QFE4465FC, QLN1035BD, QPA4340, QPA4360, QPA5460, QSW8573, QTC800H, QTC800S, QTC800T, QTC801S, RGR7640AU, RSW8577, SD 636, SD 8CX, SD439, SD450, SD660, SD ...[truncated*]"
}
]
}
]References
Social References
More
Related
prion
prion
Race condition
2021-01-21 10:15:00
cvelist
cvelist
CVE-2020-11152
2021-01-21 09:41:19
nvd
nvd
CVE-2020-11152
2021-01-21 10:15:13
androidsecurity
androidsecurity
Pixel Update Bulletin—December 2020
2020-12-07 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0
Percentile
12.6%
Related for CVE-2020-11152