1. Home
  2. CVE Database
  3. CVE-2020-11147
MEDIUM · 6.7

CVE-2020-11147

Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

Vulnerability Description

Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommAqt1000 Firmware-
QualcommAqt1000-
QualcommPm3003A Firmware-
QualcommPm3003A-
QualcommPm456 Firmware-
QualcommPm456-
QualcommPm6125 Firmware-
QualcommPm6125-
QualcommPm6150 Firmware-
QualcommPm6150-
QualcommPm6150A Firmware-
QualcommPm6150A-
QualcommPm6150L Firmware-
QualcommPm6150L-
QualcommPm6250 Firmware-
QualcommPm6250-
QualcommPm6350 Firmware-
QualcommPm6350-
QualcommPm660 Firmware-
QualcommPm660-

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2020-11147?

CVE-2020-11147 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

How severe is CVE-2020-11147?

CVE-2020-11147 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-11147?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Aqt1000 Firmware, Qualcomm Aqt1000, Qualcomm Pm3003A Firmware, Qualcomm Pm3003A, Qualcomm Pm456 Firmware.