PT-2020-12585 · Qualcomm · Snapdragon Industrial Iot+40
Published
2020-11-02
·
Updated
2021-07-21
·
CVE-2020-11173
CVSS v2.0
4.4
Medium
| Vector | AV:L/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Qualcomm Snapdragon versions (affected versions not specified)
Description
A race condition can occur in the fastRPC driver when two threads run simultaneously from user space. This issue affects various Qualcomm Snapdragon products, including Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, and Snapdragon Wired Infrastructure and Networking, across multiple chipsets such as Agatti, APQ8053, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8953, Nicobar, QCA6390, QCS404, QCS405, QCS610, Rennell, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM632, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, and SXR2130.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Race Condition
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apq8053
Agatti
Bitra
Ipq4019
Ipq5018
Ipq6018
Ipq8064
Ipq8074
Kamorta
Mdm9607
Msm8953
Nicobar
Qca6390
Qcs404
Qcs405
Qcs610
Rennell
Sa515M
Sa6155P
Sa8155P
Sc8180X
Sda845
Sdm429
Sdm632
Sdm660
Sdx55
Sm6150
Sm7150
Sm8150
Sm8250
Sxr2130
Saipan
Snapdragon Auto
Snapdragon Compute
Snapdragon Connectivity
Snapdragon Consumer Iot
Snapdragon Industrial Iot
Snapdragon Mobile
Snapdragon Voice & Music
Snapdragon Wearables
Snapdragon Wired Infrastructure/Networking