Vulnerability Description
u'Bluetooth devices does not properly restrict the L2CAP payload length allowing users in radio range to cause a buffer overflow via a crafted Link Layer packet(Equivalent to CVE-2019-17060,CVE-2019-17061 and CVE-2019-17517 in Sweyntooth paper)' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in AR9344
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Ar9344 Firmware | - |
| Qualcomm | Ar9344 | - |
Related Weaknesses (CWE)
References
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletiBroken Link
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-securitVendor Advisory
- https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletiBroken Link
FAQ
What is CVE-2020-11114?
CVE-2020-11114 is a vulnerability with a CVSS score of 8.8 (HIGH). u'Bluetooth devices does not properly restrict the L2CAP payload length allowing users in radio range to cause a buffer overflow via a crafted Link Layer packet(Equivalent to CVE-2019-17060,CVE-2019-1...
How severe is CVE-2020-11114?
CVE-2020-11114 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11114?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ar9344 Firmware, Qualcomm Ar9344.