CVE-2020-11193

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto versions APQ8009 through SDM845 Qualcomm Snapdragon Compute versions APQ8009 through SDM845 Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDM845 Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDM845 Qualcomm Snapdragon Mobile versions APQ8009 through SDM845 Qualcomm Snapdragon Voice & Music versions APQ8009 through SDM845 Qualcomm Snapdragon Wearables versions APQ8009 through SDM845

Description A buffer over-read issue can occur while parsing an mkv clip due to improper typecasting of data returned from atomsize. This issue affects various Qualcomm Snapdragon products, including Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, and Wearables.

Recommendations For Qualcomm Snapdragon Auto versions APQ8009 through SDM845, update to a version that properly handles typecasting of data returned from atomsize. For Qualcomm Snapdragon Compute versions APQ8009 through SDM845, update to a version that properly handles typecasting of data returned from atomsize. For Qualcomm Snapdragon Consumer IOT versions APQ8009 through SDM845, update to a version that properly handles typecasting of data returned from atomsize. For Qualcomm Snapdragon Industrial IOT versions APQ8009 through SDM845, update to a version that properly handles typecasting of data returned from atomsize. For Qualcomm Snapdragon Mobile versions APQ8009 through SDM845, update to a version that properly handles typecasting of data returned from atomsize. For Qualcomm Snapdragon Voice & Music versions APQ8009 through SDM845, update to a version that properly handles typecasting of data returned from atomsize. For Qualcomm Snapdragon Wearables versions APQ8009 through SDM845, update to a version that properly handles typecasting of data returned from atomsize.