CVEs-PoC/2020/CVE-2020-11297.md

### [CVE-2020-11297](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11297)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Compute%2C%20Snapdragon%20Connectivity%2C%20Snapdragon%20Consumer%20Electronics%20Connectivity%2C%20Snapdragon%20Consumer%20IOT%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Voice%20%26%20Music&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Authorization%20in%20WLAN&color=brighgreen)

### Description

Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin

#### Github
- https://github.com/TinyNiko/android_bulletin_notes