Vulnerability CVE-2020-3686


Published: 2021-01-21

Description:
Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Type:

CWE-120

(Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Qualcomm -> Smb1354 
Qualcomm -> Qca1990 
Qualcomm -> Smr545 
Qualcomm -> Qca6564a 
Qualcomm -> Wcn3610 
Qualcomm -> Qcm4290 
Qualcomm -> Wcn6740 
Qualcomm -> Qdm3301 
Qualcomm -> Wtr1625l 
Qualcomm -> Qet5100 
Qualcomm -> Qfe3100 
Qualcomm -> Aqt1000 
Qualcomm -> Qfs2530 
Qualcomm -> Mdm9235m 
Qualcomm -> Qpa2625 
Qualcomm -> Msm8108 
Qualcomm -> Qpa8821 
Qualcomm -> Msm8953 
Qualcomm -> Qpm5870 
Qualcomm -> Pm6150l 
Qualcomm -> Qtc800h 
Qualcomm -> Pm7350c 
Qualcomm -> Sa8195p 
Qualcomm -> Pm8350b 
Qualcomm -> Sd690 5g 
Qualcomm -> Pm8952 
Qualcomm -> Sd888 5g 
Qualcomm -> Pmi8998 
Qualcomm -> Sdr8250 
Qualcomm -> Pmx50 
Qualcomm -> Smb1355 
Qualcomm -> Qca4020 
Qualcomm -> Smr546 
Qualcomm -> Qca6564au 
Qualcomm -> Wcn3615 
Qualcomm -> Qcm6125 
Qualcomm -> Wcn6750 
Qualcomm -> Qdm3302 
Qualcomm -> Wtr2100 
Qualcomm -> Qet5100m 
Qualcomm -> Apq8009 
Qualcomm -> Qfe3320 
Qualcomm -> Ar6003 
Qualcomm -> Qfs2580 
Qualcomm -> Mdm9310 
Qualcomm -> Qpa4340 
Qualcomm -> Msm8208 
Qualcomm -> Qpa8842 
Qualcomm -> Msm8956 
Qualcomm -> Qpm5875 
Qualcomm -> Pm6250 
Qualcomm -> Qtc800s 
Qualcomm -> Pm8004 
Qualcomm -> Sc8180x\+sdx55 
Qualcomm -> Pm8350bh 
Qualcomm -> Sd710 
Qualcomm -> Pm8953 
Qualcomm -> SD8C 
Qualcomm -> Pmk7350 
Qualcomm -> Sdr845 
Qualcomm -> Pmx55 
Qualcomm -> Smb1357 
Qualcomm -> Qca6174 
Qualcomm -> Wcd9306 
Qualcomm -> Qca6574 
Qualcomm -> Wcn3620 
Qualcomm -> Qcs2290 
Qualcomm -> Wcn6850 
Qualcomm -> Qdm4643 
Qualcomm -> Wtr2605 
Qualcomm -> Qet6100 
Qualcomm -> Apq8009w 
Qualcomm -> Qfe3335 
Qualcomm -> Ar8031 
Qualcomm -> Qfs2608 
Qualcomm -> Mdm9330 
Qualcomm -> Qpa4360 
Qualcomm -> Msm8209 
Qualcomm -> Qpm2630 
Qualcomm -> Msm8960 
Qualcomm -> Qpm6582 
Qualcomm -> Pm6350 
Qualcomm -> Qtc800t 
Qualcomm -> Pm8005 
Qualcomm -> Sd205 
Qualcomm -> Pm8350bhs 
Qualcomm -> Sd712 
Qualcomm -> Pm8996 
Qualcomm -> Sd8cx 
Qualcomm -> Pmk8001 
Qualcomm -> Sdr865 
Qualcomm -> Qat3514 
Qualcomm -> Smb1358 
Qualcomm -> Qca6174a 
Qualcomm -> Wcd9310 
Qualcomm -> Qca6574a 
Qualcomm -> Wcn3660 
Qualcomm -> Qcs405 
Qualcomm -> Wcn6851 
Qualcomm -> Qdm4650 

 References:
https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin
https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin

Copyright 2024, cxsecurity.com

 

Back to Top