1. Home
  2. CVE Database
  3. CVE-2020-11295
MEDIUM · 6.8

CVE-2020-11295

Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT...

Vulnerability Description

Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
QualcommFsm10055 Firmware-
QualcommFsm10055-
QualcommFsm10056 Firmware-
QualcommFsm10056-
QualcommPm3003A Firmware-
QualcommPm3003A-
QualcommPm6125 Firmware-
QualcommPm6125-
QualcommPm6150 Firmware-
QualcommPm6150-
QualcommPm6150A Firmware-
QualcommPm6150A-
QualcommPm6150L Firmware-
QualcommPm6150L-
QualcommPm6350 Firmware-
QualcommPm6350-
QualcommPm660 Firmware-
QualcommPm660-
QualcommPm660L Firmware-
QualcommPm660L-

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2020-11295?

CVE-2020-11295 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT...

How severe is CVE-2020-11295?

CVE-2020-11295 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-11295?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Fsm10055 Firmware, Qualcomm Fsm10055, Qualcomm Fsm10056 Firmware, Qualcomm Fsm10056, Qualcomm Pm3003A Firmware.