CVE-2020-11273

Name of the Vulnerable Software and Affected Versions Snapdragon Auto (affected versions not specified) Snapdragon Compute (affected versions not specified) Snapdragon Connectivity (affected versions not specified) Snapdragon Mobile (affected versions not specified)

Description The issue arises from the teardown of the histogram type KPI, which assumes the existence of histogram binning information. However, when this information is missing, it leads to a null pointer access due to a lack of null check. This affects various Snapdragon products.

Recommendations For Snapdragon Auto, apply configuration changes to handle missing histogram binning information. For Snapdragon Compute, restrict access to the histogram type KPI when binning information is not available. For Snapdragon Connectivity, consider implementing null checks to prevent null pointer access. For Snapdragon Mobile, as a temporary workaround, consider disabling the histogram type KPI until a proper fix is available.