CVEs-PoC/2020/CVE-2020-11182.md

### [CVE-2020-11182](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11182)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Compute%2C%20Snapdragon%20Connectivity%2C%20Snapdragon%20Consumer%20IOT%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Buffer%20Copy%20Without%20Checking%20Size%20of%20Input%20in%20Video&color=brighgreen)

### Description

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin

#### Github
- https://github.com/TinyNiko/android_bulletin_notes