Skip to main content

Nicobar Firmware CVE-2020-3674

MEDIUM
Out-of-bounds Read (CWE-125)
2020-09-09 product-security@qualcomm.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Sep 09, 2020 - 07:15 nvd
MEDIUM 5.5

DescriptionNVD

Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

AnalysisAI

Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130 Affected products include: Qualcomm Nicobar Firmware, Qualcomm Qcs405 Firmware, Qualcomm Saipan Firmware, Qualcomm Sc8180X Firmware, Qualcomm Sdx55 Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

CVE-2020-3703 CRITICAL
9.8 Nov 02

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode r

CVE-2020-3692 CRITICAL
9.8 Nov 02

u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input valid

CVE-2020-3673 CRITICAL
9.8 Nov 02

u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check

CVE-2020-3654 CRITICAL
9.8 Nov 02

u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying int

CVE-2020-3675 CRITICAL
9.8 Sep 08

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute'

CVE-2020-3669 CRITICAL
9.8 Sep 08

u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Sna

CVE-2020-3668 CRITICAL
9.8 Sep 08

u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while par

CVE-2020-3667 CRITICAL
9.8 Sep 08

u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in

CVE-2020-3699 CRITICAL
9.8 Jul 30

Possible out of bound access while processing assoc response from host due to improper length check before copying into

CVE-2020-3698 CRITICAL
9.8 Jul 30

Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response f

CVE-2020-3688 CRITICAL
9.8 Jul 30

Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapd

CVE-2020-3671 CRITICAL
9.8 Jul 30

Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compu

Share

CVE-2020-3674 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy