1. Home
  2. CVE Database
  3. CVE-2020-11237
HIGH · 8.4

CVE-2020-11237

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrag...

Vulnerability Description

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

CVSS Score

8.4

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
QualcommCsrb31024 Firmware-
QualcommCsrb31024-
QualcommPm3003A Firmware-
QualcommPm3003A-
QualcommPm456 Firmware-
QualcommPm456-
QualcommPm6150 Firmware-
QualcommPm6150-
QualcommPm6150A Firmware-
QualcommPm6150A-
QualcommPm6150L Firmware-
QualcommPm6150L-
QualcommPm6250 Firmware-
QualcommPm6250-
QualcommPm6350 Firmware-
QualcommPm6350-
QualcommPm7150A Firmware-
QualcommPm7150A-
QualcommPm7150L Firmware-
QualcommPm7150L-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2020-11237?

CVE-2020-11237 is a vulnerability with a CVSS score of 8.4 (HIGH). Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrag...

How severe is CVE-2020-11237?

CVE-2020-11237 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-11237?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Csrb31024 Firmware, Qualcomm Csrb31024, Qualcomm Pm3003A Firmware, Qualcomm Pm3003A, Qualcomm Pm456 Firmware.