PT-2020-12596 · Qualcomm · Snapdragon Industrial Iot+5
Published
2020-11-12
·
Updated
2022-10-19
·
CVE-2020-11207
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Qualcomm Snapdragon Auto versions APQ8052 through SA8195P
Qualcomm Snapdragon Compute versions APQ8052 through SA8195P
Qualcomm Snapdragon Consumer IOT versions APQ8052 through SA8195P
Qualcomm Snapdragon Industrial IOT versions APQ8052 through SA8195P
Qualcomm Snapdragon Mobile versions APQ8052 through SA8195P
Description
A buffer overflow issue exists in the LibFastCV library due to improper size checks with respect to buffer length. This issue affects various Qualcomm Snapdragon products, including Auto, Compute, Consumer IOT, Industrial IOT, and Mobile, across a range of chipsets.
Recommendations
For Qualcomm Snapdragon Auto versions APQ8052 through SA8195P, update the LibFastCV library to a version that includes proper size checks for buffer length.
For Qualcomm Snapdragon Compute versions APQ8052 through SA8195P, update the LibFastCV library to a version that includes proper size checks for buffer length.
For Qualcomm Snapdragon Consumer IOT versions APQ8052 through SA8195P, update the LibFastCV library to a version that includes proper size checks for buffer length.
For Qualcomm Snapdragon Industrial IOT versions APQ8052 through SA8195P, update the LibFastCV library to a version that includes proper size checks for buffer length.
For Qualcomm Snapdragon Mobile versions APQ8052 through SA8195P, update the LibFastCV library to a version that includes proper size checks for buffer length.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libfastcv
Snapdragon Auto
Snapdragon Compute
Snapdragon Consumer Iot
Snapdragon Industrial Iot
Snapdragon Mobile