Vulnerability CVE-2020-3622


Published: 2020-09-08

Description:
u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Qualcomm -> Mdm9650 
Qualcomm -> Qcs404 
Qualcomm -> Sdm450 
Qualcomm -> Sxr1130 
Qualcomm -> Apq8009 
Qualcomm -> Mdm9655 
Qualcomm -> Qcs405 
Qualcomm -> Sdm630 
Qualcomm -> Sxr2130 
Qualcomm -> Apq8017 
Qualcomm -> Msm8905 
Qualcomm -> Qcs605 
Qualcomm -> Sdm632 
Qualcomm -> Apq8053 
Qualcomm -> Msm8909 
Qualcomm -> Qcs610 
Qualcomm -> Sdm636 
Qualcomm -> Apq8096au 
Qualcomm -> Msm8917 
Qualcomm -> Qm215 
Qualcomm -> Sdm660 
Qualcomm -> Apq8098 
Qualcomm -> Msm8920 
Qualcomm -> Rennell 
Qualcomm -> Sdm670 
Qualcomm -> Bitra 
Qualcomm -> Msm8937 
Qualcomm -> Sa415m 
Qualcomm -> Sdm710 
Qualcomm -> Ipq6018 
Qualcomm -> Msm8940 
Qualcomm -> Sa6155p 
Qualcomm -> Sdm845 
Qualcomm -> Ipq8074 
Qualcomm -> Msm8953 
Qualcomm -> Saipan 
Qualcomm -> Sdm850 
Qualcomm -> Kamorta 
Qualcomm -> Msm8996 
Qualcomm -> Sc7180 
Qualcomm -> Sdx20 
Qualcomm -> Mdm9150 
Qualcomm -> Msm8996au 
Qualcomm -> Sc8180x 
Qualcomm -> Sdx24 
Qualcomm -> Mdm9205 
Qualcomm -> Msm8998 
Qualcomm -> Sda660 
Qualcomm -> Sdx55 
Qualcomm -> Mdm9206 
Qualcomm -> Nicobar 
Qualcomm -> Sda845 
Qualcomm -> Sm6150 
Qualcomm -> Mdm9607 
Qualcomm -> Qca8081 
Qualcomm -> Sdm429 
Qualcomm -> Sm7150 
Qualcomm -> Mdm9640 
Qualcomm -> Qcm2150 
Qualcomm -> Sdm429w 
Qualcomm -> Sm8150 
Qualcomm -> Mdm9645 
Qualcomm -> Qcn7605 
Qualcomm -> Sdm439 
Qualcomm -> Sm8250 

 References:
https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin

Copyright 2022, cxsecurity.com

 

Back to Top