Main Vulnerability Database SB2020110231

SB2020110231 - Multiple vulnerabilities in Qualcomm chipsets

Published: November 2, 2020 Updated: July 7, 2025

Security Bulletin ID SB2020110231

Severity

High

Patch available

YES

Number of vulnerabilities 20

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 20 secuirty vulnerabilities.

1) Untrusted Pointer Dereference (CVE-ID: CVE-2020-11168)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Video. A remote attacker can read and manipulate data.

2) Improper Authorization (CVE-ID: CVE-2020-11209)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in DSP Process. A local application can execute arbitrary code.

3) Integer underflow (CVE-ID: CVE-2020-11208)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in DSP Process. A local application can execute arbitrary code.

4) Improper Validation of Array Index (CVE-ID: CVE-2020-3632)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in MHI Ring Validation. A local application can execute arbitrary code.

5) Integer overflow (CVE-ID: CVE-2020-11205)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Bluetooth SOC. A local application can execute arbitrary code.

6) Integer overflow (CVE-ID: CVE-2020-11196)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Video. A remote attacker can read and manipulate data.

7) Integer overflow (CVE-ID: CVE-2020-11193)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Video. A remote attacker can read and manipulate data.

8) Integer overflow (CVE-ID: CVE-2020-11184)

The vulnerability allows a remote attacker to read and manipulate data.

The vulnerability exists due to improper input validation in Video. A remote attacker can read and manipulate data.

9) Use After Free (CVE-ID: CVE-2020-11175)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Bluetooth Host. A local application can execute arbitrary code.

10) Integer overflow (CVE-ID: CVE-2020-11127)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in QTEE. A local application can execute arbitrary code.

11) Cryptographic Issues (CVE-ID: CVE-2020-11123)

The vulnerability allows a local application to read and manipulate data.

The vulnerability exists due to improper input validation in HLOS. A local application can read and manipulate data.

12) Improper Validation of Array Index (CVE-ID: CVE-2020-3639)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation in Modem Data. A remote attacker can execute arbitrary code.

13) Buffer over-read (CVE-ID: CVE-2020-11132)

The vulnerability allows a local privileged application to read and manipulate data.

The vulnerability exists due to improper input validation in Boot. A local privileged application can read and manipulate data.

14) Integer overflow (CVE-ID: CVE-2020-11131)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in WLAN. A local privileged application can execute arbitrary code.

15) Buffer overflow (CVE-ID: CVE-2020-11130)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in WLAN. A local privileged application can execute arbitrary code.

16) Buffer overflow (CVE-ID: CVE-2020-11121)

The vulnerability allows a local privileged application to execute arbitrary code.

The vulnerability exists due to improper input validation in WLAN. A local privileged application can execute arbitrary code.

17) Buffer overflow (CVE-ID: CVE-2020-11207)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Computer Vision. A local application can execute arbitrary code.

18) Untrusted Pointer Dereference (CVE-ID: CVE-2020-11206)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in ComputerVision. A local application can execute arbitrary code.

19) Improper input validation (CVE-ID: CVE-2020-11202)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Video. A local application can execute arbitrary code.

20) Untrusted Pointer Dereference (CVE-ID: CVE-2020-11201)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Video. A local application can execute arbitrary code.

Remediation

Install update from vendor's website.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2020-bulletin.html

Vulnerable Software

APQ8009: All versions
APQ8009W: All versions
APQ8017: All versions
APQ8053: All versions
APQ8064AU: All versions
APQ8096AU: All versions
APQ8098: All versions
MDM9206: All versions
MDM9650: All versions
MSM8909W: All versions
MSM8953: All versions
MSM8996AU: All versions
QCM4290: All versions
QCS405: All versions
QCS4290: All versions
QCS603: All versions
QCS605: All versions
QM215: All versions
QSM8350: All versions
SA6155: All versions
SA6155P: All versions
SA8155: All versions
SA8155P: All versions
SDA429W: All versions
SDA640: All versions
SDA660: All versions
SDA845: All versions
SDA855: All versions
SDM1000: All versions
SDM429: All versions
SDM429W: All versions
SDM450: All versions
SDM632: All versions
SDM640: All versions
SDM830: All versions
SDM845: All versions
SDW2500: All versions
SDX20: All versions
SDX20M: All versions
SDX50M: All versions
SDX55: All versions
SDX55M: All versions
SM4250: All versions
SM4250P: All versions
SM6115: All versions
SM6115P: All versions
SM6125: All versions
SM6250: All versions
SM6350: All versions
SM7125: All versions
SM7225: All versions
SM7250: All versions
SM7250P: All versions
SM8150: All versions
SM8150P: All versions
SM8250: All versions
SM8350: All versions
SM8350P: All versions
SXR2130: All versions
SXR2130P: All versions
WCD9330: All versions
SD820: All versions
SD821: All versions
SA6145P: All versions
SD855: All versions
SD 675: All versions
SD660: All versions
SD429: All versions
SD439: All versions
SC7180: All versions
SM6150: All versions
SM6250P: All versions
SM7150: All versions
SM7150P: All versions
SA6150P: All versions
SA8150P: All versions
SA8195P: All versions
APQ8037: All versions
APQ8096: All versions
APQ8096SG: All versions
MSM8905: All versions
MSM8909: All versions
MSM8917: All versions
MSM8920: All versions
MSM8937: All versions
MSM8940: All versions
MSM8996: All versions
MSM8996SG: All versions
MSM8998: All versions
QCM6125: All versions
QCS410: All versions
QCS610: All versions
QCS6125: All versions
SDA670: All versions
SDM439: All versions
SDM455: All versions
SDM630: All versions
SDM636: All versions
SDM660: All versions
SDM670: All versions
SDM710: All versions
SM4125: All versions
SM6150P: All versions
SXR1120: All versions
SXR1130: All versions
MDM9205: All versions
QSM8250: All versions
SA415M: All versions
SA515M: All versions
SC8180X: All versions
SC8180X+SDX55: All versions
SC8180XP: All versions
SDM850: All versions
SDX24: All versions
MDM8207: All versions
MDM9150: All versions
MDM9207: All versions
MDM9250: All versions
MDM9607: All versions
MDM9628: All versions
MDM9640: All versions
MDM9655: All versions
MSM8108: All versions
MSM8208: All versions
MSM8209: All versions
MSM8608: All versions
SDM712: All versions
APQ8052: All versions
APQ8056: All versions
APQ8076: All versions
MSM8952: All versions
MSM8956: All versions
MSM8976: All versions
MSM8976SG: All versions