Podatność CVE-2020-3622


Publikacja: 2020-09-08

Opis:
u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Typ:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
4.6/10
6.4/10
3.9/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Lokalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Częściowy
Częściowy
Częściowy
Affected software
Qualcomm -> Mdm9650 
Qualcomm -> Qcs404 
Qualcomm -> Sdm450 
Qualcomm -> Sxr1130 
Qualcomm -> Apq8009 
Qualcomm -> Mdm9655 
Qualcomm -> Qcs405 
Qualcomm -> Sdm630 
Qualcomm -> Sxr2130 
Qualcomm -> Apq8017 
Qualcomm -> Msm8905 
Qualcomm -> Qcs605 
Qualcomm -> Sdm632 
Qualcomm -> Apq8053 
Qualcomm -> Msm8909 
Qualcomm -> Qcs610 
Qualcomm -> Sdm636 
Qualcomm -> Apq8096au 
Qualcomm -> Msm8917 
Qualcomm -> Qm215 
Qualcomm -> Sdm660 
Qualcomm -> Apq8098 
Qualcomm -> Msm8920 
Qualcomm -> Rennell 
Qualcomm -> Sdm670 
Qualcomm -> Bitra 
Qualcomm -> Msm8937 
Qualcomm -> Sa415m 
Qualcomm -> Sdm710 
Qualcomm -> Ipq6018 
Qualcomm -> Msm8940 
Qualcomm -> Sa6155p 
Qualcomm -> Sdm845 
Qualcomm -> Ipq8074 
Qualcomm -> Msm8953 
Qualcomm -> Saipan 
Qualcomm -> Sdm850 
Qualcomm -> Kamorta 
Qualcomm -> Msm8996 
Qualcomm -> Sc7180 
Qualcomm -> Sdx20 
Qualcomm -> Mdm9150 
Qualcomm -> Msm8996au 
Qualcomm -> Sc8180x 
Qualcomm -> Sdx24 
Qualcomm -> Mdm9205 
Qualcomm -> Msm8998 
Qualcomm -> Sda660 
Qualcomm -> Sdx55 
Qualcomm -> Mdm9206 
Qualcomm -> Nicobar 
Qualcomm -> Sda845 
Qualcomm -> Sm6150 
Qualcomm -> Mdm9607 
Qualcomm -> Qca8081 
Qualcomm -> Sdm429 
Qualcomm -> Sm7150 
Qualcomm -> Mdm9640 
Qualcomm -> Qcm2150 
Qualcomm -> Sdm429w 
Qualcomm -> Sm8150 
Qualcomm -> Mdm9645 
Qualcomm -> Qcn7605 
Qualcomm -> Sdm439 
Qualcomm -> Sm8250 

 Referencje:
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

Copyright 2022, cxsecurity.com

 

Back to Top