CVEs-PoC/2020/CVE-2020-11277.md

### [CVE-2020-11277](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11277)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Compute%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20After%20Free%20in%20DSP%20Services&color=brighgreen)

### Description

Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

#### Github
- https://github.com/TinyNiko/android_bulletin_notes