Qualcomm 组件代码问题漏洞
CNNVD-ID编号 |
CNNVD-202105-034 |
CVE编号 |
CVE-2020-11254 |
发布时间 |
2021-05-03 |
更新时间 |
2021-05-06 |
漏洞类型 |
代码问题 |
漏洞来源 |
N/A |
危险等级 |
中危 |
威胁类型 |
N/A |
厂商 |
N/A |
漏洞介绍
Qualcomm 组件是美国高通(Qualcomm)公司的一个组件。提供高通设备功能的内在部件。
高通组件存在代码问题漏洞,该漏洞源于取消引用会话ctx指针而不检查指针是否有效,因此在缓冲区分配期间内存损坏。以下产品及版本受影响:PM6150A, PM6150L, PM6350, PM660, PM660L, PM7250B, PM8008, PM8009, PM8350, PM8350B, PM8350BH, PM8350C, PMK8003, PMK8350, PMM6155AU, PMM8155AU, PMM8195AU, PMR735A, PMR735B, QAT3516, QAT3518, QAT3519, QAT3555, QAT5515, QAT5516, QAT5522, QAT5568, QBT1500, QCA6574AU, QCA6696, QDM3301, QDM4643, QDM4650, QDM5620, QDM5621, QDM5670, QDM5671, QET5100, QET5100M, QET6100, QET6105, QET6110, QFS2530, QFS2580, QFS2608, QFS2630, QLN4642, QLN4650, QLN5020, QLN5030, QLN5040, QPA2625, QPA5461, QPA5580, QPA5581, QPA8801, QPA8802, QPA8803, QPA8821, QPA8842, QPM4621, QPM4630, QPM4640, QPM4641, QPM4650, QPM5621, QPM5641, QPM5670, QPM5677, QPM5679, QPM5870, QPM5875, QPM6585, QPM6621, QPM6670, QPM8820, QPM8870, QTC800H, QTC800S, QTC801S, QTM525, SA6145P, SA6150P, SA6155P, SA8150P, SA8155P, SA8195P, SD480, SD670, SD710, SD888, SD888 5G, SDR660, SDR660G, SDR735, SDR735G, SDR865, SDXR1, SMB1351, SMB1
漏洞补丁
目前厂商已发布升级了Qualcomm 组件代码问题漏洞的补丁,Qualcomm 组件代码问题漏洞的补丁获取链接:
https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin
参考网址
受影响实体
信息来源