Qualcomm 组件安全漏洞
CNNVD-ID编号 |
CNNVD-202105-029 |
CVE编号 |
CVE-2020-11285 |
发布时间 |
2021-05-03 |
更新时间 |
2021-05-06 |
漏洞类型 |
其他 |
漏洞来源 |
N/A |
危险等级 |
中危 |
威胁类型 |
N/A |
厂商 |
N/A |
漏洞介绍
Qualcomm 组件是美国高通(Qualcomm)公司的一个组件。提供高通设备功能的内在部件。
高通组件存在安全漏洞,该漏洞源于解压缩RTCP数据包时缓冲区超读,如果RTCP数据包中的长度错误,我们可能会读取额外的字节。以下产品及版本受到影响:APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8084, APQ8096AU, AQT1000, AR8151, CSR6030, CSRB31024, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9625, MDM9628, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8976SG, MSM8996AU, PM215, PM3003A, PM439, PM456, PM6125, PM6150, PM6150A, PM6150L, PM6250, PM6350, PM640A, PM640L, PM640P, PM660, PM660A, PM660L, PM670, PM670L, PM7150A, PM7150L, PM7250, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8019, PM8150, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM855, PM855A, PM855B, PM855L, PM855P, PM8909, PM8916, PM8937, PM8940, PM8952, PM8953, PM8956, PM8996, PM8998, PMC1000H, PMD9607, PMD9635, PMD9645, PMD9655, PMD9655AU, PME605, PMI632, PMI8937, PMI8940, PMI8952, PMI8994, PMI8996, PMI8998, PMK8001, PMK8002,
漏洞补丁
目前厂商已发布升级了Qualcomm 组件安全漏洞的补丁,Qualcomm 组件安全漏洞的补丁获取链接:
https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin
参考网址
受影响实体
信息来源