Qualcomm 组件缓冲区错误漏洞

CNNVD-ID编号 CNNVD-202105-030
CVE编号 CVE-2020-11284
发布时间 2021-05-03
更新时间 2021-05-06
漏洞类型 缓冲区错误
漏洞来源 N/A
危险等级 中危
威胁类型 N/A
厂 商 N/A

漏洞介绍

Qualcomm 组件是美国高通(Qualcomm)公司的一个组件。提供高通设备功能的内在部件。 高通组件存在缓冲区错误漏洞,该漏洞源于非安全引导加载程序可以通过不正确的系统调用顺序来解锁和修改锁定的内存,从而使存储区域成为安全引导加载程序的不可信任输入来源。以下产品及版本受影响:AQT1000, AR8035, PM3003A, PM4125, PM4250, PM6125, PM6150, PM6150A, PM6150L, PM6350, PM640A, PM640L, PM640P, PM7250B, PM8004, PM8005, PM8008, PM8009, PM8150A, PM8150B, PM8150C, PM8150L, PM8250, PM8350, PM855, PM855B, PM855L, PM855P, PM8998, PMD9655, PMI632, PMI8998, PMK8002, PMK8003, PMM8195AU, PMM855AU, PMR525, PMX24, PMX55, QAT3522, QAT3550, QBT1500, QBT2000, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6574AU, QCA6595, QCA9984, QCM2290, QCM4290, QCS2290, QCS405, QCS4290, QET4101, QET5100, QET6100, QET6105, QFS2530, QFS2580, QPA4360, QPA5460, QPA6560, QSW8574, QTC410S, QTC800H, QTC800S, QTC801S, QTM525, SA6155P, SA8195P, SD 8C, SD 8CX, SD460, SD480, SD662, SD675, SD855, SD865 5G, SD870, SD888 5G, SDM830, SDR425, SDR660, SDR660G, SDR735, SDR735G, SDR8150, SDR8250, SDR865, SDX24, SDX55, SDX55M, SDXR2 5G, SM4125, SMB135

漏洞补丁

目前厂商已发布升级了Qualcomm 组件缓冲区错误漏洞的补丁,Qualcomm 组件缓冲区错误漏洞的补丁获取链接: https://www.qualcomm.com/company/product-security/bulletins/may-2021-bulletin

参考网址

  • 暂无

受影响实体

  • 暂无

信息来源