CVEs-PoC/2020/CVE-2020-11144.md

CVE-2020-11144

Description

Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

POC

Reference

• https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin

Github

• https://github.com/TinyNiko/android_bulletin_notes