Vulnerabilities > CVE-2020-11277 - Use After Free vulnerability in Qualcomm products

047910
CVSS 7.4 - HIGH
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
high complexity
qualcomm
CWE-416

Summary

Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

Vulnerable Configurations

Part Description Count
OS
Qualcomm
161
Hardware
Qualcomm
161

Common Weakness Enumeration (CWE)