CVE-2020-11157

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions in APQ8053, APQ8076, MDM9640, MDM9650, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, QCA6174A, QCA9886, QCM2150, QM215, SDM429, SDM439, SDM450, SDM632

Description The issue arises from the lack of handling unexpected control messages while encryption is in progress. This can lead to the termination of the connection, resulting in a denial-of-service (DoS).

Recommendations For Qualcomm Snapdragon versions in APQ8053, APQ8076, MDM9640, MDM9650, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, QCA6174A, QCA9886, QCM2150, QM215, SDM429, SDM439, SDM450, SDM632, consider implementing proper handling of unexpected control messages during encryption to prevent connection termination. At the moment, there is no information about a newer version that contains a fix for this vulnerability.