CVE-2020-11282

Name of the Vulnerable Software and Affected Versions Snapdragon Auto (affected versions not specified) Snapdragon Compute (affected versions not specified) Snapdragon Connectivity (affected versions not specified) Snapdragon Consumer IOT (affected versions not specified) Snapdragon Industrial IOT (affected versions not specified) Snapdragon Mobile (affected versions not specified) Snapdragon Voice & Music (affected versions not specified) Snapdragon Wearables (affected versions not specified)

Description The issue is related to improper access control when using mmap with the kgsl driver and a special offset value. This can allow mapping the memstore of the GPU to user space. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited. Technical details include the use of mmap with the kgsl driver and a special offset value to map the memstore of the GPU to user space.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.