CVEs-PoC/2020/CVE-2020-11308.md

### [CVE-2020-11308](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11308)
![](https://img.shields.io/static/v1?label=Product&message=Snapdragon%20Auto%2C%20Snapdragon%20Compute%2C%20Snapdragon%20Connectivity%2C%20Snapdragon%20Consumer%20IOT%2C%20Snapdragon%20Industrial%20IOT%2C%20Snapdragon%20Mobile%2C%20Snapdragon%20Voice%20%26%20Music&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20Validation%20of%20Array%20Index%20in%20BOOT&color=brighgreen)

### Description

Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size is more than required in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

### POC

#### Reference
- https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin

#### Github
- https://github.com/TinyNiko/android_bulletin_notes