CVE-2020-11268 - Vulnerability Details

Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.0026.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Qualcomm, Inc.

Snapdragon Auto, Snapdragon Mobile

affected

Version	Status	Constraints
APQ8009, APQ8016, APQ8074, APQ8084, APQ8094, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9235M, MDM9310, MDM9609, MDM9615, MDM9615M, MDM9635M, MDM9640, MDM9645, MSM8108, MSM8208, MSM8209, MSM8216, MSM8274, MSM8608, MSM8674, MSM8916, MSM8929, MSM8939, MSM8974, MSM8974P, MSM8994, PM8018, PM8841, PM8909, PM8916, PM8941, PM8994, PMD9635, PMD9645, PMI8994, QCA1990, QCA6174, QCA6174A, QCA6584, QFE1035, QFE1040, QFE1045, QFE1100, QFE1101, QFE1520, QFE1550, QFE2101, QFE2310, QFE2320, QFE2330, QFE2340, QFE2520, QFE2550, QFE2720, QFE3100, QFE3320, QFE3335, QFE3340, QFE3345, SD210, SMB1360, WCD9306, WCD9330, WCN3610, WCN3620, WCN3660, WCN3660A, WCN3660B, WCN3680, WCN3680B, WFR1620, WGR7640, WTR1605, WTR1605L, WTR1625, WTR1625L, WTR2605, WTR2955, WTR3925, WTR4605, WTR4905	affected	—

Configuration 1 [-]

OR	cpe:2.3:h:qualcomm:apq8009:-:::::::*
	cpe:2.3:h:qualcomm:apq8016:-:::::::*
	cpe:2.3:h:qualcomm:apq8074:-:::::::*
	cpe:2.3:h:qualcomm:apq8084:-:::::::*
	cpe:2.3:h:qualcomm:apq8094:-:::::::*
	cpe:2.3:h:qualcomm:ar6003:-:::::::*
	cpe:2.3:h:qualcomm:mdm8215:-:::::::*
	cpe:2.3:h:qualcomm:mdm8215m:-:::::::*
	cpe:2.3:h:qualcomm:mdm8615m:-:::::::*
	cpe:2.3:h:qualcomm:mdm9215:-:::::::*
	cpe:2.3:h:qualcomm:mdm9235m:-:::::::*
	cpe:2.3:h:qualcomm:mdm9310:-:::::::*
	cpe:2.3:h:qualcomm:mdm9609:-:::::::*
	cpe:2.3:h:qualcomm:mdm9615:-:::::::*
	cpe:2.3:h:qualcomm:mdm9615m:-:::::::*
	cpe:2.3:h:qualcomm:mdm9635m:-:::::::*
	cpe:2.3:h:qualcomm:mdm9640:-:::::::*
	cpe:2.3:h:qualcomm:mdm9645:-:::::::*
	cpe:2.3:h:qualcomm:msm8108:-:::::::*
	cpe:2.3:h:qualcomm:msm8208:-:::::::*
	cpe:2.3:h:qualcomm:msm8209:-:::::::*
	cpe:2.3:h:qualcomm:msm8216:-:::::::*
	cpe:2.3:h:qualcomm:msm8274:-:::::::*
	cpe:2.3:h:qualcomm:msm8608:-:::::::*
	cpe:2.3:h:qualcomm:msm8674:-:::::::*
	cpe:2.3:h:qualcomm:msm8916:-:::::::*
	cpe:2.3:h:qualcomm:msm8929:-:::::::*
	cpe:2.3:h:qualcomm:msm8939:-:::::::*
	cpe:2.3:h:qualcomm:msm8974:-:::::::*
	cpe:2.3:h:qualcomm:msm8974p:-:::::::*
	cpe:2.3:h:qualcomm:msm8994:-:::::::*
	cpe:2.3:h:qualcomm:pm8018:-:::::::*
	cpe:2.3:h:qualcomm:pm8841:-:::::::*
	cpe:2.3:h:qualcomm:pm8909:-:::::::*
	cpe:2.3:h:qualcomm:pm8916:-:::::::*
	cpe:2.3:h:qualcomm:pm8941:-:::::::*
	cpe:2.3:h:qualcomm:pm8994:-:::::::*
	cpe:2.3:h:qualcomm:pmd9635:-:::::::*
	cpe:2.3:h:qualcomm:pmd9645:-:::::::*
	cpe:2.3:h:qualcomm:pmi8994:-:::::::*
	cpe:2.3:h:qualcomm:qca1990:-:::::::*
	cpe:2.3:h:qualcomm:qca6174:-:::::::*
	cpe:2.3:h:qualcomm:qca6174a:-:::::::*
	cpe:2.3:h:qualcomm:qca6584:-:::::::*
	cpe:2.3:h:qualcomm:qfe1035:-:::::::*
	cpe:2.3:h:qualcomm:qfe1040:-:::::::*
	cpe:2.3:h:qualcomm:qfe1045:-:::::::*
	cpe:2.3:h:qualcomm:qfe1100:-:::::::*
	cpe:2.3:h:qualcomm:qfe1101:-:::::::*
	cpe:2.3:h:qualcomm:qfe1520:-:::::::*
	cpe:2.3:h:qualcomm:qfe1550:-:::::::*
	cpe:2.3:h:qualcomm:qfe2101:-:::::::*
	cpe:2.3:h:qualcomm:qfe2310:-:::::::*
	cpe:2.3:h:qualcomm:qfe2320:-:::::::*
	cpe:2.3:h:qualcomm:qfe2330:-:::::::*
	cpe:2.3:h:qualcomm:qfe2340:-:::::::*
	cpe:2.3:h:qualcomm:qfe2520:-:::::::*
	cpe:2.3:h:qualcomm:qfe2550:-:::::::*
	cpe:2.3:h:qualcomm:qfe2720:-:::::::*
	cpe:2.3:h:qualcomm:qfe3100:-:::::::*
	cpe:2.3:h:qualcomm:qfe3320:-:::::::*
	cpe:2.3:h:qualcomm:qfe3335:-:::::::*
	cpe:2.3:h:qualcomm:qfe3340:-:::::::*
	cpe:2.3:h:qualcomm:qfe3345:-:::::::*
cpe:2.3:h:qualcomm:sd210:-:::::::*
cpe:2.3:h:qualcomm:smb1360:-:::::::*
cpe:2.3:h:qualcomm:wcd9306:-:::::::*
cpe:2.3:h:qualcomm:wcd9330:-:::::::*
cpe:2.3:h:qualcomm:wcn3610:-:::::::*
cpe:2.3:h:qualcomm:wcn3620:-:::::::*
cpe:2.3:h:qualcomm:wcn3660:-:::::::*
cpe:2.3:h:qualcomm:wcn3660a:-:::::::*
cpe:2.3:h:qualcomm:wcn3660b:-:::::::*
cpe:2.3:h:qualcomm:wcn3680:-:::::::*
cpe:2.3:h:qualcomm:wcn3680b:-:::::::*
cpe:2.3:h:qualcomm:wfr1620:-:::::::*
cpe:2.3:h:qualcomm:wgr7640:-:::::::*
cpe:2.3:h:qualcomm:wtr1605:-:::::::*
cpe:2.3:h:qualcomm:wtr1605l:-:::::::*
cpe:2.3:h:qualcomm:wtr1625:-:::::::*
cpe:2.3:h:qualcomm:wtr1625l:-:::::::*
cpe:2.3:h:qualcomm:wtr2605:-:::::::*
cpe:2.3:h:qualcomm:wtr2955:-:::::::*
cpe:2.3:h:qualcomm:wtr3925:-:::::::*
cpe:2.3:h:qualcomm:wtr4605:-:::::::*
cpe:2.3:h:qualcomm:wtr4905:-:::::::*

No data.

Project Subscriptions

Vendors	Products
Qualcomm Subscribe	Apq8009 Subscribe Apq8016 Subscribe Apq8074 Subscribe Apq8084 Subscribe Apq8094 Subscribe Ar6003 Subscribe Mdm8215 Subscribe Mdm8215m Subscribe Mdm8615m Subscribe Mdm9215 Subscribe Mdm9235m Subscribe Mdm9310 Subscribe Mdm9609 Subscribe Mdm9615 Subscribe Mdm9615m Subscribe Mdm9635m Subscribe Mdm9640 Subscribe Mdm9645 Subscribe Msm8108 Subscribe Msm8208 Subscribe Msm8209 Subscribe Msm8216 Subscribe Msm8274 Subscribe Msm8608 Subscribe Msm8674 Subscribe Msm8916 Subscribe Msm8929 Subscribe Msm8939 Subscribe Msm8974 Subscribe Msm8974p Subscribe Msm8994 Subscribe Pm8018 Subscribe Pm8841 Subscribe Pm8909 Subscribe Pm8916 Subscribe Pm8941 Subscribe Pm8994 Subscribe Pmd9635 Subscribe Pmd9645 Subscribe Pmi8994 Subscribe Qca1990 Subscribe Qca6174 Subscribe Qca6174a Subscribe Qca6584 Subscribe Qfe1035 Subscribe Qfe1040 Subscribe Qfe1045 Subscribe Qfe1100 Subscribe Qfe1101 Subscribe Qfe1520 Subscribe Qfe1550 Subscribe Qfe2101 Subscribe Qfe2310 Subscribe Qfe2320 Subscribe Qfe2330 Subscribe Qfe2340 Subscribe Qfe2520 Subscribe Qfe2550 Subscribe Qfe2720 Subscribe Qfe3100 Subscribe Qfe3320 Subscribe Qfe3335 Subscribe Qfe3340 Subscribe Qfe3345 Subscribe Sd210 Subscribe Smb1360 Subscribe Wcd9306 Subscribe Wcd9330 Subscribe Wcn3610 Subscribe Wcn3620 Subscribe Wcn3660 Subscribe Wcn3660a Subscribe Wcn3660b Subscribe Wcn3680 Subscribe Wcn3680b Subscribe Wfr1620 Subscribe Wgr7640 Subscribe Wtr1605 Subscribe Wtr1605l Subscribe Wtr1625 Subscribe Wtr1625l Subscribe Wtr2605 Subscribe Wtr2955 Subscribe Wtr3925 Subscribe Wtr4605 Subscribe Wtr4905 Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2020-3622	Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon Auto, Snapdragon Mobile

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2021-05-07T09:10:31

Updated: 2024-08-04T11:28:13.813Z

Reserved: 2020-03-31T00:00:00

Link: CVE-2020-11268

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-05-07T09:15:07.773

Modified: 2024-11-21T04:57:34.743

Link: CVE-2020-11268

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-20

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object