CVE-2020-11144

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon (affected versions not specified)

Description The issue arises from a buffer over-read that occurs when a UE process attempts to decompress an invalid DL ROHC packet. This happens due to the lack of a size check for the compressed packet in various Snapdragon components, including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wearables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.