CNNVD-ID编号 | CNNVD-202011-144 |
CVE编号 | CVE-2020-11132 |
发布时间 | 2020-11-02 |
更新时间 | 2020-11-24 |
漏洞类型 | 缓冲区错误 |
漏洞来源 | N/A |
危险等级 | 高危 |
威胁类型 | 本地 |
厂 商 | N/A |
Qualcomm MDM9206等都是美国高通(Qualcomm)公司的产品。Qualcomm MDM9206是一款中央处理器(CPU)产品。Qualcomm MDM9150是一款中央处理器(CPU)产品。Qualcomm SM8150是一款中央处理器(CPU)产品。
Qualcomm 多款产品 Boot 中存在缓冲区错误漏洞,该漏洞源于在引导中读取缓冲区,由于忽略大小检查,因此在将GUID属性从请求复制到响应之前被忽略。以下产品或版本收到影响:APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330。
目前厂商已发布升级了多款 Qualcomm 产品缓冲区错误漏洞的补丁,多款 Qualcomm 产品缓冲区错误漏洞的补丁获取链接:
https://www.ea.com/security/news/easec-2020-003-cross-site-scripting-vulnerability-in-origin-client
来源:CONFIRM
链接:https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin
来源:vigilance.fr
来源:www.qualcomm.com
链接:https://www.qualcomm.com/company/product-security/bulletins/november-2020-security-bulletin
暂无