Out of Bound Read Vulnerability in Qualcomm Snapdragon Products
CVE-2020-11241
Key Information:
- Vendor
- Qualcomm
- Vendor
- CVE Published:
- 9 June 2021
Summary
A vulnerability exists in Qualcomm Snapdragon products that allows for an out of bound read condition when the EAPOL Key length is less than expected. This issue arises during the processing of the NAN shared key descriptor attribute, potentially exposing sensitive data and compromising the security of systems utilizing these products.
Affected Version(s)
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking APQ8009, APQ8096AU, AQT1000, AR8031, AR8035, AR9380, CSR8811, CSRA6620, CSRA6640, CSRB31024, IPQ4018, IPQ4028, IPQ4029, IPQ5010, IPQ5018, IPQ6000, IPQ6005, IPQ6010, IPQ6018, IPQ6028, IPQ8064, IPQ8069, IPQ8070, IPQ8070A, IPQ8071, IPQ8071A, IPQ8072, IPQ8072A, IPQ8074, IPQ8074A, IPQ8076, IPQ8076A, IPQ8078, IPQ8078A, IPQ8173, IPQ8174, MDM9250, MDM9607, MDM9626, MDM9628, MDM9640, MDM9650, MDM9655, MSM8994, MSM8996AU, PM3003A, PM4125, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670A, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350C, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8996, PM8998, PMC1000H, PMC7180, PMD9607, PMD9645, PMD9655, PME605, PMI632, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMM855AU, PMM8996AU, PMP8074, PMR525, PMR735A, PMR735B, PMX20, P ...[truncated*]
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved