CVE-2020-11148
Published: Jan 21, 2021
Modified: Aug 4, 2024
Description
Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
| Vendor | Product | Versions |
|---|---|---|
Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | affected APQ8017, APQ8053, MSM8917, MSM8953, PM215, PM3003A, PM439, PM6125, PM6150, PM6150A, PM6150L, PM6350, PM640A, PM640L, PM640P, PM660, PM660L, PM670, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM7350C, PM8008, PM8009, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM8350B, PM8350BH, PM8350BHS, PM8350C, PM855, PM855B, PM855L, PM8916, PM8937, PM8953, PMI632, PMI8937, PMI8952, PMK7350, PMK8002, PMK8003, PMK8350, PMM8195AU, PMM855AU, PMR525, PMR735A, PMR735B, PMX55, QAT3514, QAT3516, QAT3518, QAT3519, QAT3522, QAT3550, QAT3555, QAT5515, QAT5516, QAT5522, QAT5533, QAT5568, QBT1500, QBT2000, QCA6390, QCA6391, QCA6421, QCA6426, QCA6431, QCA6436, QCA6574A, QCA6574AU, QCA6595, QCA6595AU, QCA6696, QCS605, QDM2301, QDM2302, QDM2305, QDM2307, QDM2308, QDM2310, QDM3301, QDM3302, QDM4643, QDM4650, QDM5579, QDM5620, QDM5621, QDM5650, QDM5652, QDM5670, QDM5671, QDM5677, QDM5679, QET4101, QET5100, QET5100M, QET6100, QET6110, QFE2101, QFE2520, QFE2550, QFE3340, QFE4301, QFE4302, QFE4303, QFE4305, QFE4308, QFE ...[truncated*] |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now