Vulnerability
CVE-2020-11127
Component: TRUST
Location: FIRMWARE
u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCM4290, QCS405, QCS410, QCS4290, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA845, SDA855, SDM1000, SDM640, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P
Impact
Severity (Manufact.)
HIGH
Severity (NIST)
7.8
Severity (Android)
N/A
Chipsets
11
Devices
434
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| SM6115 | Snapdragon 662 | Qualcomm |
| SM6150 | Snapdragon 675 | Qualcomm |
| SM6350 | Snapdragon 690 | Qualcomm |
| SM7125 | Snapdragon 720G | Qualcomm |
| SM7225 | Snapdragon 750G | Qualcomm |
| SDM845 | Snapdragon 845 | Qualcomm |
| SM8150 | Snapdragon 855 | Qualcomm |
| SDM850 | Snapdragon 850 Mobile Compute Platform | Qualcomm |
| SC7180 | Snapdragon 7c | Qualcomm |
| SC8180X | Snapdragon 8cx | Qualcomm |
11 of 11 row(s) shown.
Rows per page
Page 1 of 2
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jan 1, 2018
Reported:
Unknown
Advisory Published:
Nov 2, 2020
CVE Published:
Nov 12, 2020
Android Patch Level:
Nov 2020
